Skills Guide

Automatisation de publication Claw

VérifiéPrudence

Automatisation des versions pour les compétences et le site Claw. Guide à travers les mises à jour de version, l'étiquetage et la vérification des versions. Aide à maintenir des versions cohérentes et à automatiser les étapes du pipeline CI/CD.

Spar Skills Guide Bot
DeveloppementIntermédiaire
7003/06/2026
Claude Code
#release-automation#version-bumping#git-tagging#skill-catalog

Recommandé pour

Développeur backendClaude CodeRevue de codeDéveloppeur frontendDéveloppeur fullstackRefactoring

Notre avis

Automatise le processus de versionnage, de marquage et de vérification des versions pour les skills Claw.

Points forts

  • Gère les mises à jour de version dans plusieurs fichiers (skill.json, SKILL.md).
  • Inclut une vérification préalable des modifications non commitées.
  • Permet de défaire une version avant publication.
  • Prend en charge les pré-versions (beta, alpha, rc).

Limites

  • Nécessite que les outils git, jq et gh soient installés.
  • Conçu spécifiquement pour l'écosystème ClawSec, pas pour d'autres projets.
  • Ne gère pas automatiquement les conflits de tags existants.
Quand l'utiliser

Utilisez ce skill lorsque vous devez créer une nouvelle version d'un skill Claw et l'intégrer au catalogue.

Quand l'éviter

Évitez de l'utiliser pour des projets qui ne suivent pas la structure des skills Claw ou qui n'utilisent pas GitHub Releases.

Analyse de sécurité

Prudence
Score qualité92/100

The skill is intended for internal release automation and follows a clear, structural workflow. However, it relies on an external, unaudited shell script to perform critical operations like version bumping, committing, and tagging. While the instructions themselves do not contain destructive or exfiltrating commands, the dependency on a third-party script introduces potential risk if that script is ever tampered with.

Points d'attention
  • The skill runs an external release script (./scripts/release-skill.sh) whose contents are not provided and are outside the scope of this audit.
  • It uses git push, which could publish changes; if the script is compromised, it could inject malicious tags or commits.
  • The skill requires the GitHub CLI (gh), which has broad API access.

Exemples

Release a skill
I need to release version 1.2.0 of the clawsec-feed skill. Help me go through the process.
Pre-release a skill
Guide me through creating a pre-release version 1.0.0-beta1 for my skill.
Undo a release
I just ran the release script but haven't pushed yet. How do I undo it?

name: claw-release version: 0.0.1 description: Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification. homepage: https://clawsec.prompt.security metadata: {"openclaw":{"emoji":"🚀","category":"utility","internal":true}} clawdis: emoji: "🚀" requires: bins: [git, jq, gh]

Claw Release

Internal tool for releasing skills and managing the ClawSec catalog.

An internal tool by Prompt Security

Quick Reference

| Release Type | Command | Tag Format | |-------------|---------|------------| | Skill release | ./scripts/release-skill.sh <name> <version> | <name>-v<version> | | Pre-release | ./scripts/release-skill.sh <name> 1.0.0-beta1 | <name>-v1.0.0-beta1 |

Release Workflow

Step 1: Determine Version Type

Ask what changed:

  • Bug fixes only → Patch (1.0.0 → 1.0.1)
  • New features, backward compatible → Minor (1.0.0 → 1.1.0)
  • Breaking changes → Major (1.0.0 → 2.0.0)
  • Testing/unstable → Pre-release (1.0.0-beta1, 1.0.0-rc1)

Step 2: Pre-flight Checks

# Check for uncommitted changes
git status

# Verify skill directory exists
ls skills/<skill-name>/skill.json

# Get current version
jq -r '.version' skills/<skill-name>/skill.json

Step 3: Run Release Script

./scripts/release-skill.sh <skill-name> <new-version>

The script will:

  1. Validate version format (semver)
  2. Check tag doesn't already exist
  3. Update skill.json version
  4. Update SKILL.md frontmatter version (if file exists)
  5. Update hardcoded version URLs (feed_url)
  6. Commit changes
  7. Create annotated git tag

Step 4: Push Release

git push && git push origin <skill-name>-v<version>

Step 5: Verify Release

After pushing, the CI/CD pipeline will:

  1. Validate skill exists
  2. Verify version matches skill.json
  3. Verify version matches SKILL.md frontmatter (if exists)
  4. Generate checksums from SBOM
  5. Create .skill package (ZIP)
  6. Create GitHub Release
  7. Trigger website rebuild (for non-internal skills)

Verify at:

  • GitHub Releases: https://github.com/prompt-security/clawsec/releases/tag/<skill-name>-v<version>
  • GitHub Actions: Check workflow run status

Undo a Release (Before Push)

If you need to undo before pushing:

git reset --hard HEAD~1 && git tag -d <skill-name>-v<version>

Pre-release Versions

For beta, alpha, or release candidates:

./scripts/release-skill.sh <skill-name> 1.2.0-beta1
./scripts/release-skill.sh <skill-name> 1.2.0-alpha1
./scripts/release-skill.sh <skill-name> 1.2.0-rc1

Pre-releases are automatically marked in GitHub Releases.

Common Issues

| Error | Solution | |-------|----------| | Tag already exists | Choose a different version number | | Version mismatch in CI | Ensure you used the release script (not manual tagging) | | SKILL.md version mismatch | Ensure you used the release script which updates both skill.json and SKILL.md | | Uncommitted changes | Commit or stash first: git stash or git add . && git commit | | skill.json not found | Verify skill directory path is correct |

Internal Skills

Skills with "internal": true in their openclaw section:

  • Are released normally via GitHub Releases
  • Are NOT shown in the public skills catalog website
  • Can still be downloaded directly from release URLs

This skill (claw-release) is an internal skill.

Existing Skills

| Skill | Category | Internal | |-------|----------|----------| | clawsec-feed | security | No | | clawtributor | security | No | | openclaw-audit-watchdog | security | No | | soul-guardian | security | No | | claw-release | utility | Yes |

Verification Checklist

After release, confirm:

  • [ ] GitHub Release exists with correct tag
  • [ ] Release has: skill.json, SKILL.md, checksums.json, .skill package
  • [ ] Release is marked as pre-release if applicable
  • [ ] GitHub Actions workflow completed successfully
  • [ ] Website updated (for non-internal skills only)

License

GNU AGPL v3.0 or later - See repository for details.

Built by the Prompt Security team.

Skills similaires

Expert Next.js App Router

Developpement

Un skill qui transforme Claude en expert Next.js App Router.

Claude CodeCursoradvanced
890
234
2,846
Admin

Générateur de README

Developpement

Crée des README.md professionnels et complets pour vos projets.

claudeCursorWindsurfbeginner
259
72
821
Admin

Rédacteur de Documentation API

Developpement

Génère de la documentation API complète au format OpenAPI/Swagger.

claudeCursorWindsurfintermediate
156
44
682
Admin