🤖 Autonomous GitHub Team Skill
⚠️ Security Warning — Read Before Installing
This skill clones and executes bash scripts from a remote repository. Before running:
1. Audit the scripts first — review every agent file in the agents/ directory
2. Use a least-privilege PAT — dedicated token scoped to a single test repo, not your main account
3. Never run on a production repo until you've tested in an isolated fork
4. Never commit tokens — keep config.env private and out of version control
5. Require human review before merging any PRs the agents create
What It Does
41 AI agents that autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production automatically.
Required Environment Variables
CODEBLOCK0
Primary credential: GH_TOKEN — treat this as a high-privilege secret.
Setup
CODEBLOCK1
Security Requirements for the GitHub Token
The skill needs a token that can:
- Read and write to repository contents
- Create and manage pull requests
- Read and write issues
Create a dedicated token for this skill:
1. GitHub → Settings → Developer Settings → Personal Access Tokens → Fine-grained tokens
2. Scope to only the specific repository you want the team to operate on
3. Grant only: contents: read and write, pull requests: read and write, issues: read and write
4. Never use your main account token with broad org access
Available Agents
CODEBLOCK2
Gitflow
CODEBLOCK3
Every run syncs main → develop first. The Git Guardian does not auto-merge to main — all merges to main require human approval.
Before Running on a Production Repo
- [ ] Clone and review all agents/*.sh files
- [ ] Test in an isolated fork first
- [ ] Set up branch protection on main (require PR reviews)
- [ ] Use a dedicated, scope-limited PAT
- [ ] Keep config.env out of version control
Security Checklist Before Publishing Changes
CODEBLOCK4
If you modify this repo, always scan before pushing publicly.
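🤖 Autonomous GitHub Team Skill
⚠️ Security Warning — Read Before Installing
This skill clones and executes bash scripts from a remote repository. Before running:
1. Audit the scripts first — review every agent file in the agents/ directory
2. Use a least-privilege PAT — a dedicated token limited to a single test repository, not your main account
3. Never run on a production repository — test in an isolated fork first
4. Never commit tokens — keep config.env private and out of version control
5. Require human review before merging PRs the agents create
What It Does
41 AI agents autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production automatically.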
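Required Environment Variables
```bash
GH_TOKEN # GitHub PAT — needs: contents:w, pr:w, issues:w
TARGET_REPO # Repository to operate on (format: owner/repo)
```
Primary credential: GH_TOKEN — treat this as a high-privilege secret.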
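Setup
```bash
# 1. Clone the repository (pinned to the v1.0.0 tag)
git clone --branch v1.0.0 https://github.com/captainsvbot/AutonomousGitHubTeam.git
cd AutonomousGitHubTeam   # git names the directory after the repository

# 2. Configure — edit config.env
cp config.example.env config.env
nano config.env   # set GH_TOKEN and TARGET_REPO

# 3. Audit the agents first (important!)
# Review the agents/*.sh files before running

# 4. Run
bash agents/orchestrator.sh
```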
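Security Requirements for the GitHub Token
The skill needs a token that can:
- Read and write to repository contents
- Create and manage pull requests
- Read and write issues
Create a dedicated token for this skill:
1. GitHub → Settings → Developer Settings → Personal Access Tokens → Fine-grained tokens
2. Scope it to the specific repository the team will operate on
3. Grant only: contents: read and write, pull requests: read and write, issues: read and write
4. Never use a main account token with broad organization access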
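Available Agents
```bash
bash agents/orchestrator.sh        # Full pipeline (detect → fix → release)
bash agents/security-agent.sh      # Vulnerability scan
bash agents/fixer-agent.sh         # Apply fixes, open PRs
bash agents/git-guardian-agent.sh  # Merge PRs (human review required before merging to main)
bash agents/backup-agent.sh        # Back up the repository via the GitHub API
bash agents/rollback-agent.sh      # Automatically roll back broken commits
bash agents/team-bravo.sh          # Activity monitoring (read-only checks)
```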
Gitflow
```
feature/fix → develop → main
```
Every run syncs main → develop first. The Git Guardian does not auto-merge to main — all merges to main require human approval.
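Before Running on a Production Repo
- [ ] Clone and review all agents/*.sh files
- [ ] Test in an isolated fork first
- [ ] Set up branch protection on main (require PR reviews)
- [ ] Use a dedicated, scope-limited PAT
- [ ] Keep config.env out of version control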
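Security Checklist Before Publishing Changes
```bash
# Scan for accidentally committed secrets
grep -rni "gho_\|token\|secret\|apikey\|password" .
```
If you modify this repo, always scan before pushing publicly.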
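A tighter version of the pre-publish scan and the "keep config.env out of version control" item, as an added example that is not part of this skill's repository. The function names are hypothetical, and the token regex is a heuristic built from GitHub's token prefixes with a loose minimum length.

```bash
#!/usr/bin/env bash
# Added example (not the project's code): pre-publish check for a clone of this skill.
# Heuristic: GitHub token prefixes (ghp_, gho_, ghu_, ghs_, ghr_, github_pat_)
# followed by a long run of token characters. Lengths are a loose lower bound.
TOKEN_RE='(gh[pousr]_[A-Za-z0-9]{30,}|github_pat_[A-Za-z0-9_]{30,})'

# List files under $1 that contain a token-shaped string.
# config.env is skipped (it is expected to hold the token) and is checked
# separately below; .git is skipped to avoid scanning object data.
find_token_files() {
  grep -rIlE --exclude-dir=.git --exclude=config.env -e "$TOKEN_RE" "$1" 2>/dev/null
}

# Succeeds only if config.env under $1 cannot end up in a commit:
# it must be ignored, and it must not already be tracked.
config_env_protected() {
  local dir=$1
  if git -C "$dir" rev-parse --git-dir >/dev/null 2>&1; then
    git -C "$dir" ls-files --error-unmatch config.env >/dev/null 2>&1 && return 1
    git -C "$dir" check-ignore -q config.env
  else
    # Not a git work tree (or git missing): require a literal .gitignore entry.
    grep -qxE '/?config\.env' "$dir/.gitignore" 2>/dev/null
  fi
}

# Run both checks on $1 (default: current directory); non-zero means "do not push".
prepublish_check() {
  local dir=${1:-.} rc=0 hits
  hits=$(find_token_files "$dir") || true
  if [ -n "$hits" ]; then
    echo "token-shaped strings found in:"; echo "$hits"; rc=1
  fi
  if ! config_env_protected "$dir"; then
    echo "config.env is tracked or not ignored"; rc=1
  fi
  return "$rc"
}
```

Unlike the keyword grep, this matches token-shaped values rather than the words "token" or "secret", so it produces fewer false positives on scripts that merely reference GH_TOKEN.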