GitHub Token (OpenClaw skill)

Interact with GitHub using Personal Access Tokens. Secure, user-controlled access - no OAuth, no full account access. Clone, push, branch, PR, issues. Use when user wants to work with GitHub repos.

Category: Development & DevOps

Author: Danny Shmueli @dannyshmueli

License: MIT-0

MIT-0 · Free to use, modify and redistribute. No attribution required.

Version: v1.0.0

Stats: ⭐ 1 · 1.5k · 2 current installs · 2 all-time installs


Package: dannyshmueli/github-token

Security scan (ClawHub)

  • VirusTotal: benign
  • OpenClaw: suspicious

OpenClaw assessment

The skill mostly does what it says (uses PATs to talk to GitHub) but there are security- and coherence-related issues (metadata omissions, unsafe token handling/storage, and CLI usage that can leak tokens) that you should understand before installing.

Purpose

The name/description match the included code: the Python CLI uses a GitHub PAT to call the API and run git operations (clone, push, PRs, issues). However the registry metadata claims no required binaries while the script relies heavily on the git binary via subprocess calls — that is an inconsistency (the skill should declare 'git' as a required binary). Other than that, requested capabilities align with the stated purpose.

Instruction scope

SKILL.md tells the agent to accept a PAT and to 'Store in TOOLS.md or pass via --token'. Storing tokens in a plain text TOOLS.md or passing tokens on the command line are insecure practices. The included script embeds PATs into HTTPS URLs for clone/push which can cause tokens to be written into .git/config or otherwise persist on disk. The instructions ask the agent to handle tokens but give unsafe storage guidance and do not warn about proces…

Install mechanism

This is instruction-only with one script file; there is no install spec or remote downloads. That minimizes supply-chain risk — nothing is fetched from arbitrary URLs at install time.

Credentials

The skill declares no required env vars, and the code reads GITHUB_TOKEN from the environment (DEFAULT_TOKEN). That is reasonable. However SKILL.md's explicit instruction to save the token in TOOLS.md is disproportionate and insecure. Also the runtime behavior (embedding the token into HTTPS URLs or accepting it as a CLI arg) increases chances of exposure (saved in .git/config or visible in process lists). There are no unrelated credentials re…
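The two findings above (a PAT embedded in the HTTPS clone URL, and a PAT passed as a CLI argument) share one mitigation: hand the token to git through the environment instead. The following is an added example written for this page, not code from the github-token skill or its author. It uses git's standard GIT_ASKPASS hook so the clone URL stays credential-free, resets any configured credential helper for the invocation, and includes an audit function for a .git/config that already carries userinfo. It assumes a POSIX /bin/sh, a github.com HTTPS remote, and that the GH_PAT variable name and the x-access-token placeholder username are this example's own choices; the sample config text is constructed.

```python
"""Added example, not part of the github-token skill: hand a GitHub PAT to git
through GIT_ASKPASS so it never appears in the clone URL, on the command line,
or in .git/config, plus a small audit that flags remotes already carrying a
credential. Assumes a POSIX /bin/sh and a GitHub HTTPS remote."""
import os
import re
import shutil
import stat
import subprocess
import tempfile
from contextlib import contextmanager
from typing import Dict, Iterator, List

GITHUB_HTTPS = "https://github.com/{owner_repo}.git"

# userinfo in an HTTPS URL, i.e. the "ghp_xxx@" in https://ghp_xxx@github.com/...
EMBEDDED_CRED_RE = re.compile(r"https?://([^/@\s]+)@\S+")

# Shell helper git invokes once per prompt; the PAT comes from the environment
# of the git process, so it is never an argv element of git or of this helper.
# (GH_PAT and the x-access-token placeholder are names chosen for this example.)
ASKPASS_SCRIPT = """#!/bin/sh
case "$1" in
  *assword*) printf '%s\\n' "$GH_PAT" ;;   # password prompt -> the PAT
  *)         printf 'x-access-token\\n' ;;  # username prompt -> placeholder
esac
"""


def clean_remote_url(owner_repo: str) -> str:
    """Build the remote URL for 'owner/repo' with no credential in it."""
    if not re.fullmatch(r"[\w.-]+/[\w.-]+", owner_repo):
        raise ValueError(f"unexpected repo spec: {owner_repo!r}")
    return GITHUB_HTTPS.format(owner_repo=owner_repo)


@contextmanager
def askpass_env(token: str) -> Iterator[Dict[str, str]]:
    """Yield an environment for git that answers credential prompts with `token`.

    The helper script lives in a 0700 temp dir and is removed on exit."""
    helper_dir = tempfile.mkdtemp(prefix="gh-askpass-")
    helper = os.path.join(helper_dir, "askpass.sh")
    with open(helper, "w") as fh:
        fh.write(ASKPASS_SCRIPT)
    os.chmod(helper, stat.S_IRWXU)          # 0700: owner-only, executable
    env = dict(os.environ)
    env.update({
        "GIT_ASKPASS": helper,
        "GH_PAT": token,
        "GIT_TERMINAL_PROMPT": "0",         # never fall back to a tty prompt
    })
    try:
        yield env
    finally:
        shutil.rmtree(helper_dir, ignore_errors=True)


def answer_prompt(env: Dict[str, str], prompt: str) -> str:
    """Run the askpass helper exactly as git would and return its answer."""
    out = subprocess.run([env["GIT_ASKPASS"], prompt], env=env,
                         capture_output=True, text=True, check=True)
    return out.stdout.rstrip("\n")


def clone_with_askpass(owner_repo: str, token: str, dest: str) -> subprocess.CompletedProcess:
    """Clone over HTTPS; the token travels only via the environment."""
    url = clean_remote_url(owner_repo)
    with askpass_env(token) as env:
        # credential.helper= resets any configured helper, so the PAT is not
        # written to a credential store as a side effect of this clone.
        return subprocess.run(
            ["git", "-c", "credential.helper=", "clone", url, dest],
            env=env, check=True, capture_output=True, text=True,
        )


def find_embedded_credentials(config_text: str) -> List[str]:
    """Return each URL in a .git/config that carries userinfo, credential redacted."""
    return [
        m.group(0).replace(m.group(1) + "@", "***@", 1)
        for m in EMBEDDED_CRED_RE.finditer(config_text)
    ]


def strip_embedded_credentials(config_text: str) -> str:
    """Rewrite the config text with the userinfo removed from every URL."""
    return EMBEDDED_CRED_RE.sub(
        lambda m: m.group(0).replace(m.group(1) + "@", "", 1), config_text
    )


if __name__ == "__main__":
    # Constructed sample of what a token-in-URL clone leaves behind on disk.
    sample = '[remote "origin"]\n\turl = https://ghp_EXAMPLE@github.com/o/r.git\n'
    print("leaked:", find_embedded_credentials(sample))
    print(strip_embedded_credentials(sample))
```

The audit functions are the defender-side check: run `find_embedded_credentials` over the `.git/config` of any checkout the skill produced, and `strip_embedded_credentials` gives the rewrite that removes the userinfo while leaving the remote usable once GIT_ASKPASS or a credential helper supplies the token. Note that GIT_ASKPASS requires the helper to be executable from where it lives, so a noexec temp filesystem needs a different directory.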

Persistence

always is false and the skill doesn't request persistent platform privileges. It does, however, encourage storing the token in a file the agent controls (TOOLS.md), which would be persistence of a secret under the agent's files — the skill itself does not change other skills or system-wide settings.

Install (copy to the Lobster AI)

Copy the whole block below into a 龙虾中文库 chat; the lobster agent completes the installation following SKILL.md.

Please hand this block to 龙虾中文库 (the Lobster AI) to execute: install the OpenClaw skill "GitHub Token" on this machine. Summary: Interact with GitHub using Personal Access Tokens. Secure, user-controlled acce….
Please fetch the following URL, read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/dannyshmueli/github-token/SKILL.md
(Source: yingzhi8.cn skill library)

SKILL.md


---
name: github-pat
description: Interact with GitHub using Personal Access Tokens. Secure, user-controlled access - no OAuth, no full account access. Clone, push, branch, PR, issues. Use when user wants to work with GitHub repos.
---

# GitHub PAT

Interact with GitHub using Personal Access Tokens. User controls access via PAT scopes.

## Setup

User provides their PAT:
```
1. Create PAT at github.com/settings/tokens
2. Select scopes (repo for full, public_repo for public only)
3. Provide token to agent
```

Store in TOOLS.md or pass via `--token`.

## Commands

```bash
# List repos you have access to
python3 scripts/gh.py repos [--token TOKEN]

# Clone a repo
python3 scripts/gh.py clone owner/repo [--token TOKEN]

# Create branch
python3 scripts/gh.py branch <branch-name> [--repo owner/repo]

# Commit and push
python3 scripts/gh.py push "<message>" [--branch branch] [--repo owner/repo]

# Open a pull request
python3 scripts/gh.py pr "<title>" [--body "description"] [--base main] [--head branch]

# Create an issue
python3 scripts/gh.py issue "<title>" [--body "description"] [--repo owner/repo]

# View repo info
python3 scripts/gh.py info owner/repo
```

## Security Model

- **User controls access** via PAT scopes
- **No OAuth** - no "allow full access" prompts
- **Least privilege** - user creates PAT with minimal needed scopes
- **Fine-grained PATs** supported for specific repo access

## Token Storage

Agent stores token in TOOLS.md under `### GitHub` section. Never expose in logs or messages.