← 返回
未分类 Key 中文

Autonomous GitHub Team

Autonomous GitHub Team — 41 AI agents that autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production. Triggers...
自主 GitHub 团队 — 41 个 AI 代理,自主监控 GitHub 仓库,检测 bug、生成修复、打开 PR 并发布到生产环境。触发...
captainsvbot captainsvbot 来源
未分类 clawhub v1.2.0 1 版本 100000 Key: 需要
★ 0
Stars
📥 350
下载
💾 0
安装
1
版本
#latest

概述

🤖 Autonomous GitHub Team Skill

> ⚠️ Security Warning — Read Before Installing

>

> This skill clones and executes bash scripts from a remote repository. Before running:

> 1. Audit the scripts first — review every agent file in the agents/ directory

> 2. Use a least-privilege PAT — dedicated token scoped to a single test repo, not your main account

> 3. Never run on a production repo until you've tested in an isolated fork

> 4. Never commit tokens — keep config.env private and out of version control

> 5. Require human review before merging any PRs the agents create

What It Does

41 AI agents that autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production automatically.

Required Environment Variables

GH_TOKEN        # GitHub PAT — needs: contents:w, pr:w, issues:w
TARGET_REPO     # The repository to operate on (format: owner/repo)

Primary credential: GH_TOKEN — treat this as a high-privilege secret.

Setup

# 1. Clone the repo (pinned to v1.0.0 tag)
git clone --branch v1.0.0 https://github.com/captainsvbot/AutonomousGitHubTeam.git
cd autonomous-github-team

# 2. Configure — edit config.env
cp config.example.env config.env
nano config.env   # set GH_TOKEN and TARGET_REPO

# 3. Audit the agents first (important!)
# Review agents/*.sh before running anything

# 4. Run
bash agents/orchestrator.sh

Security Requirements for the GitHub Token

The skill needs a token that can:

  • Read and write to repository contents
  • Create and manage pull requests
  • Read and write issues

Create a dedicated token for this skill:

  1. GitHub → Settings → Developer Settings → Personal Access Tokens → Fine-grained tokens
  2. Scope to only the specific repository you want the team to operate on
  3. Grant only: contents: read and write, pull requests: read and write, issues: read and write
  4. Never use your main account token with broad org access

Available Agents

bash agents/orchestrator.sh          # Full pipeline (detect → fix → release)
bash agents/security-agent.sh        # Vulnerability scanning
bash agents/fixer-agent.sh          # Apply fixes, open PRs
bash agents/git-guardian-agent.sh     # Merge PRs (requires human review before main merges)
bash agents/backup-agent.sh          # Backup repo via GitHub API
bash agents/rollback-agent.sh         # Auto-revert broken commits
bash agents/team-bravo.sh            # Activity monitor (read-only check)

Gitflow

feature/fix → develop → main

Every run syncs main → develop first. The Git Guardian does not auto-merge to main — all merges to main require human approval.

Before Running on a Production Repo

  • [ ] Clone and review all agents/*.sh files
  • [ ] Test in an isolated fork first
  • [ ] Set up branch protection on main (require PR reviews)
  • [ ] Use a dedicated, scope-limited PAT
  • [ ] Keep config.env out of version control

Security Checklist Before Publishing Changes

# Scan for accidentally committed secrets
grep -rni "gho_\|token\|secret\|api_key\|password" .

If you modify this repo, always scan before pushing publicly.

版本历史

共 1 个版本

  • v1.2.0 当前
    2026-05-07 04:58 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

dev-programming

The Synthetic Context Generator

captainsvbot
为AI编程任务生成包含相关代码模式、常见陷阱、StackOverflow解决方案及本地项目上下文的定制化上下文窗口。
★ 0 📥 697
ai-agent

Agent Browser

rez0
用于 AI 代理的浏览器自动化 CLI。当用户需要与网站交互(包括浏览页面、填写表单、点击按钮、截图等)时使用。
★ 875 📥 351,216
ai-agent

self-improving agent

pskoett
记录自身发现以实现自我改进的技能
★ 4,176 📥 946,943