技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 1 · 1.1k · 17 current installs · 17 all-time installs
⭐ 1
安装量(当前) 17
🛡 VirusTotal :良性 · OpenClaw :良性
Package:ashwinhegde19/github-issue-resolver
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's files, scripts, and declared behavior are consistent with an autonomous GitHub issue-fixing agent that enforces guardrails; it does not request unrelated credentials or perform obvious hidden exfiltration, but it will execute shell/git/gh commands in your environment and write audit/state files locally so review and caution are advised before running on sensitive repos.
目的
The skill claims to discover, analyze, and fix GitHub issues and the provided scripts implement fetching, analysis, sandboxed command execution, guardrail checks, audit logging, and PR creation. No unrelated credentials or network hosts are requested; the pieces (recommend, fetch, analyze, sandbox, create_pr, guardrails, audit) align with the stated purpose.
说明范围
SKILL.md confines actions to repository discovery, cloning, code edits, testing, and PR creation and enforces user approval for destructive actions. Runtime instructions reference only the provided scripts and standard developer tools; the agent will read/write repository files, call the GitHub API (via scripts), and run git/gh/ tests as documented. The guardrails explicitly forbid editing secrets, protected branches, and certain paths.
安装机制
No install spec is provided (instruction-only plus included scripts), so nothing is downloaded or installed by the registry. The code runs with system binaries (git, gh, python, npm, pytest, etc.) that must already be present — consistent with the skill's purpose.
证书
The skill declares no required environment variables or credentials. It relies on the local environment's git/gh authentication if pushing/creating PRs (create_pr.py checks gh auth). That is proportionate to a tool that pushes code and creates PRs — no unrelated secrets are requested. Be aware that audit logs and state files will be written to disk and may include contextual data (filenames, diffs).
持久
always:false (normal) and model invocation is enabled (normal). The skill persists state and audit logs under the skill/repo directory (writes .guardrails-state.json and audit/ session files). This is expected for an audit/logging feature but means local disk will be written to; review retention settings and where logs are stored before use.
综合结论
This skill appears internally consistent with its purpose, but take these precautions before installing or running it: - Review and test on a non-production repository first. The agent will clone repos, run shell commands, and can push/ create PRs if you approve. - Ensure you understand and control local git/gh authentication: create_pr.py uses the GitHub CLI and will push using your configured credentials if you approve a push. If you don't w…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「GitHub Issue Resolver」。简介:Autonomous GitHub Issue Resolver Agent with guardrails. Use when the user wants…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/ashwinhegde19/github-issue-resolver/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: github-issue-resolver
description: Autonomous GitHub Issue Resolver Agent with guardrails. Use when the user wants to discover, analyze, and fix open issues in GitHub repositories. Triggers on requests like "fix GitHub issues", "resolve issues in repo", "work on GitHub bugs", or when the user provides a GitHub repository URL and asks for issue resolution. Supports the full workflow from issue discovery to PR submission with safety guardrails preventing scope creep, unauthorized access, and dangerous operations.
---
# GitHub Issue Resolver
Autonomous agent for discovering, analyzing, and fixing open GitHub issues — with a 5-layer guardrail system.
## ⚠️ GUARDRAILS — Read First
**Every action goes through guardrails.** Before any operation:
1. Load `guardrails.json` config
2. Validate scope (repo, branch, path)
3. Check action gate (auto/notify/approve)
4. Validate command against allowlist
5. Log to audit trail
For guardrail details, see [references/guardrails-guide.md](references/guardrails-guide.md).
### Key Rules (Non-Negotiable)
- **Never touch protected branches** (main, master, production)
- **Never modify** .env, secrets, CI configs, credentials
- **Never force push**
- **Never modify dependency files** without explicit approval
- **Never modify own skill/plugin files**
- **One issue at a time** — finish or abandon before starting new
- **All dangerous actions require user approval** (write code, commit, push, PR)
- **Everything is logged** to `audit/` directory
---
## Workflow
### Phase 1 — Issue Discovery
**Trigger:** User provides a GitHub repository (`owner/repo`).
**Steps:**
1. **Validate repo** against guardrails:
```bash
python3 scripts/guardrails.py repo <owner> <repo>
```
If blocked, tell the user and stop.
2. **Fetch, score, and present issues** using the recommendation engine:
```bash
python3 scripts/recommend.py <owner> <repo>
```
This automatically fetches open issues, filters out PRs, scores them by severity/impact/effort/freshness, and presents a formatted recommendation.
**Always use `recommend.py`** — never manually format issue output. The script ensures consistent presentation every time.
For raw JSON (e.g., for further processing):
```bash
python3 scripts/recommend.py <owner> <repo> --json
```
**⏹️ STOP. Wait for user to select an issue.**
---
### Phase 2 — Fixing
**Trigger:** User selects an issue.
**Steps:**
1. **Lock the issue** (one-at-a-time enforcement):
```bash
python3 scripts/guardrails.py issue_lock <owner> <repo> <issue_number>
```
2. **Read full issue thread** including comments.
3. **Clone the repo** (Gate: `notify`):
```bash
python3 scripts/sandbox.py run git clone https://github.com/<owner>/<repo>.git /tmp/openclaw-work/<repo>
```
4. **Create a safe branch** (Gate: `auto`):
```bash
python3 scripts/sandbox.py run git checkout -b fix-issue-<number>
```
5. **Explore codebase** — read relevant files. For each file:
```bash
python3 scripts/guardrails.py path <file_path>
```
6. **Plan the fix** — explain approach to user:
```
## Proposed Fix
- Problem: [root cause]
- Solution: [what changes]
- Files: [list of files and what changes in each]
- Estimated diff size: [lines]
```
**⏹️ STOP. Wait for user to approve the plan before implementing.**
7. **Implement the fix** (Gate: `approve`):
- Apply changes
- Check diff size: `python3 scripts/guardrails.py diff <line_count>`
- Log: `python3 scripts/audit.py log_action write_code success`
---
### Phase 3 — Testing
**After implementing:**
1. **Find and run tests** (Gate: `notify`):
```bash
python3 scripts/sandbox.py run npm test # or pytest, cargo test, etc.
```
2. **If tests fail AND `autoRollbackOnTestFail` is true:**
- Revert all changes
- Notify user
- Suggest alternative approach
3. **If no tests exist**, write basic tests covering the fix.
4. **Report results** to user.
---
### Phase 4 — Draft PR for Review (Approval REQUIRED)
**⚠️ NEVER create PR automatically. Always ask first.**
**Do NOT dump full diffs in chat.** For any non-trivial project, push the branch
and let the user review on GitHub where they get syntax highlighting, file-by-file
navigation, and inline comments.
1. **Commit changes** (Gate: `approve`):
```bash
python3 scripts/sandbox.py run git add .
python3 scripts/sandbox.py run git commit -m "Fix #<number>: <title>"
```
2. **Show a change summary** (NOT the raw diff) — keep it concise:
```
## Changes
- **src/models.py** — Added field validation (title length, enum checks)
- **app.py** — Added validation to POST endpoint, 400 error responses
- **tests/test_app.py** — 22 new tests covering validation rules
- 4 files changed, ~100 lines of source + ~150 lines of tests
- All tests passing ✅
```
3. **Ask explicitly:** "Ready to push and create a draft PR?"
4. **Only after user says "yes"** (Gate: `approve`):
```bash
python3 scripts/sandbox.py run git push -u origin fix-issue-<number>
python3 scripts/sandbox.py run gh pr create --draft --title "..." --body "..."
```
Note: PRs are always created as **draft** by default.
The PR body should include a detailed description of all changes, test results,
and link to the issue (Closes #N).
5. **Share the PR link** — user reviews on GitHub.
6. **Unlock the issue:**
```bash
python3 scripts/guardrails.py issue_unlock
```
---
## Scripts Reference
| Script | Purpose | Run Without Reading |
|--------|---------|---------------------|
| `scripts/recommend.py` | **Primary entry point** — fetch, score, and present issues | ✅ |
| `scripts/fetch_issues.py` | Raw issue fetcher (used internally by recommend.py) | ✅ |
| `scripts/analyze_issue.py` | Deep analysis of single issue | ✅ |
| `scripts/create_pr.py` | PR creation wrapper | ✅ |
| `scripts/guardrails.py` | Guardrail enforcement engine | ✅ |
| `scripts/sandbox.py` | Safe command execution wrapper | ✅ |
| `scripts/audit.py` | Action logger | ✅ |
## References
- [references/quick-reference.md](references/quick-reference.md) — GitHub API reference, scoring rubric, test commands
- [references/guardrails-guide.md](references/guardrails-guide.md) — Full guardrails documentation and customization