initialise-skills
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
Chineseinitialise-skills
initialise-skills(技能初始化)
Populate and keep accurate the per-skill files that the shared
agent skills (, , , , ,
…) read at runtime. Run inside the host repo, it detects repo facts, maps them
onto each installed skill's config schema, and writes accurate configs — without
ever clobbering a value a human deliberately set.
config.jsonchangelogsend-itcleanup-repolinear-synctriage-prIt is dry-run first and idempotent: the first step always previews the
diff, writes happen only after you confirm, and a re-run with nothing new to
detect leaves every file byte-for-byte unchanged.
填充并维护共享Agent技能(、、、、等)在运行时读取的各技能文件。在宿主仓库内运行时,它会检测仓库事实,将其映射到每个已安装技能的配置架构,并写入准确的配置——绝不会覆盖人为手动设置的值。
changelogsend-itcleanup-repolinear-synctriage-prconfig.json它具备先试运行和幂等性特性:第一步总会预览差异,仅在你确认后才执行写入;若没有新的检测内容,重新运行会让所有文件保持字节级完全一致。
How it decides what to write
写入逻辑说明
For each installed skill it loads two things: the skill's own
(which defines the set of keys to reconcile) and the
existing (which may be absent on a fresh install). Each key is then
classified by a three-way comparison — example placeholder vs existing value vs
detected value:
config.example.jsonconfig.json| Status | Meaning | Action |
|---|---|---|
| No value yet, or still the example placeholder | Write the detected value |
| Existing value already equals what we detected | No-op |
| A real value that differs from detection — a deliberate edit | Keep it; report both values |
| No detector and no value (e.g. a Linear slug with no MCP) | Leave for you to supply |
| A real value we have no detector for | Keep it |
| A key in | Keep it, untouched |
Detection is keyed by config-key name, not by skill, so one detector serves
every skill that uses a key (one detector covers ,
; one detector covers , ,
). See
for the full table of keys, their detection sources, and fallbacks.
baseBranchchangelogsend-itissueKeyschangelogcleanup-repolinear-syncreferences/detectable-keys.mdpreflightpreflight.config.jsonconfig.json.gitignore.preflight-summary.json.gitignore对于每个已安装的技能,它会加载两类内容:技能自身的(定义需要协调的键集合)和已有的(全新安装时可能不存在)。随后通过三方对比(示例占位符 vs 现有值 vs 检测值)对每个键进行分类:
config.example.jsonconfig.json| 状态 | 含义 | 操作 |
|---|---|---|
| 尚无值,或仍为示例占位符 | 写入检测到的值 |
| 现有值已与检测值一致 | 无操作 |
| 实际值与检测值不同——人为手动编辑的结果 | 保留原值;同时报告原值和检测值 |
| 无检测器且无对应值(例如无MCP时的Linear slug) | 留待用户补充 |
| 我们无对应检测器的实际值 | 保留原值 |
| | 完全保留,不做修改 |
检测按配置键名而非技能进行关联,因此一个检测器可服务于所有使用该键的技能(一个检测器覆盖、;一个检测器覆盖、、)。完整的键列表、检测来源及回退方案请查看。
baseBranchchangelogsend-itissueKeyschangelogcleanup-repolinear-syncreferences/detectable-keys.mdpreflightpreflight.config.jsonconfig.json.gitignorepreflight.gitignore.preflight-summary.jsonThe .gitignore
step
.gitignore.gitignore
处理步骤
.gitignoreThe skill writes to the repo root on every
real run, so without an ignore rule it surfaces as an untracked change after a
run. When is installed, this skill ensures the host repo's
root excludes it — the one mutation it makes outside a skill's
. The edit is append-only and idempotent: it adds the commented
entry only when absent (creating if there is none), and never
reorders or removes existing lines. The dry-run report shows the pending edit
(); a re-run after writing reports .
preflight.preflight-summary.json/send-itpreflight.gitignoreconfig.json.gitignorewill add …already ignoredpreflight.preflight-summary.json/send-itpreflight.gitignoreconfig.json.gitignorewill add …already ignoredThe skills.lock
step
skills.lockskills.lock
处理步骤
skills.lockAlongside the config reconcile, this skill emits a committed
at the repo root — a machine-readable inventory of which skill versions are installed
and where they came from:
.claude/skills.lockjson
{ "source": "https://github.com/acme-skunkworks/agent-skills", "ref": "main",
"skills": { "changelog": "1.2.0", "send-it": "2.1.3", "…": "…" } }- — a full inventory of every installed bundle (including
skillsand this skill), read from eachpreflightSKILL.md. Keys are sorted, so a re-run with no version changes is a byte-stable no-op (the file only rewrites when a version actually moves). The lock lives at the fixedmetadata.versionpath regardless of where the bundles were vendored (.claude/skills.lock,skills/,.claude/skills/), and consumers commit it..agents/skills/ - /
source— provenance the script cannot derive (skills.sh records nowhere where a consumer installed from). Supply them asref/facts.lockSourcein the write step's stdin (see step 2); an existing lock's values are preserved when omitted. When neither is available the field is written asfacts.lockRefand the report flags it (null) — never fabricated.source/ref not supplied
This is the foundation for detecting which repos are behind — see
Checking for updates below.
在协调配置的同时,本工具会在仓库根目录生成一个已提交的****文件——这是一个机器可读的清单,记录了已安装技能的版本及其来源:
.claude/skills.lockjson
{ "source": "https://github.com/acme-skunkworks/agent-skills", "ref": "main",
"skills": { "changelog": "1.2.0", "send-it": "2.1.3", "…": "…" } }- ——所有已安装技能包(包括
skills和本工具)的完整清单,读取自每个技能的preflight文件中的SKILL.md。键按排序排列,因此若版本无变化,重新运行是字节级稳定的无操作(仅当版本实际变更时才会重写文件)。无论技能包被安装在何处(metadata.version、skills/、.claude/skills/),锁文件都固定位于.agents/skills/路径,且需要用户提交该文件。.claude/skills.lock - /
source——脚本无法自动推导的来源信息(ref不会记录用户从何处安装技能)。可在写入步骤的标准输入中以skills.sh/facts.lockSource的形式提供;若已存在锁文件,省略时会保留其原有值。若两者均无法获取,该字段会被写入为facts.lockRef,且报告会标记(null)——绝不会凭空捏造。source/ref not supplied
这是检测哪些仓库版本落后的基础——请查看下方的检查更新部分。
Process
操作流程
-
Dry run. From the host repo root, run the bundled script for a machine-readable preview:bash
node <skills-dir>/initialise-skills/scripts/initialise.mjs --dry-run --jsonis wherever the bundles are installed (e.g.<skills-dir>,skills/,.claude/skills/); the script auto-detects its siblings relative to its own location, so usually you can just run it from the repo root. Parse the JSON:.agents/skills/with per-keyskills[], plusstatus,driftKeys, andmanualKeys.totals -
Fill the facts. For eachLinear key (
needs-manual-input,linearTeamName), fetch the value via the Linear MCP when it is available —linearWorkspaceSlugfor the team name, and the workspace slug from the team/organisation — otherwise ask the user. Collect these into amcp__linear-server__list_teamsobject. Also add the lock provenance here:facts(the source repo the skills were installed from — the agent-skills repo URL) andlockSource(the ref installed from; defaultlockRef, the fleet convention, unless a tag/SHA was pinned). Skip either when an existingmainalready records it — its value is preserved..claude/skills.lock -
Present the diff and confirm. Show the human report (re-run without, or render the parsed JSON). Call out the
--jsonkeys that will be written, theinferredkeys that will be kept, and thedriftkeys. For eachneeds-manual-inputkey, ask whether to accept the detected value (the per-key opt-in). Gather the accepted ones into andriftmap keyed by skill name, e.g.acceptDrift. This is the confirmation gate — do not write before it.{ "changelog": ["issueKeys"] } -
Write. Re-run with, piping the gathered facts and drift opt-ins as stdin JSON:
--writebashecho '{"facts":{"linearTeamName":"…","linearWorkspaceSlug":"…","lockSource":"https://github.com/acme-skunkworks/agent-skills","lockRef":"main"},"acceptDrift":{"changelog":["issueKeys"]}}' \ | node <skills-dir>/initialise-skills/scripts/initialise.mjs --write --jsonReport what was written from the returned, plus thetotalsfield (itsgitignore—status,added,created, orpresent; the field is absent entirely whennegatedisn't installed, as thepreflightstep is skipped) and the.gitignorefield (itslock—status,written, orunchanged;would-writemeansneedsFacts: true/lockSourcestill need supplying).lockRef -
Confirm idempotency. Run the dry run once more; every key should now be(apart from drifts you chose to keep and any still-missing manual values). When
unchangedis installed,preflightshould begitignore.status(orpresent, if the repo deliberately un-ignores the file — also a stable no-op); when it isn't, thenegatedstep is skipped and there's no.gitignorefield to check.gitignoreshould belock.status. This proves the configs, theunchanged, and the.gitignoreare stable and a future re-run is a no-op.skills.lock -
GitHub App & token check. If this repo will run the shared Claude workflows (and their caller stubs), the GitHub App must be installed and the
reusable-claude*.ymlrepository Actions secret set — the workflows authenticate with it and fail on an empty token (A-646). The required secret isCLAUDE_CODE_OAUTH_TOKEN, notCLAUDE_CODE_OAUTH_TOKEN.ANTHROPIC_API_KEYProbe for the secret (best-effort — skip silently ifis unavailable or unauthenticated; a repo that runs no Claude workflows needs neither). Run the listing and the name-check as two separate steps and read each result — do not collapse them into oneghpipe, which would report the same failure for agh … | greperror and a genuine absence, hiding the can't-verify case:ghbash# step 1 — list the repo's Actions secrets; a non-zero exit here is "can't verify" gh secret list --repo <owner>/<repo> --app actions # step 2 — only when step 1 succeeded, check whether the name is in that output- present (step 1 succeeds and lists the name) → report OK; nothing to do.
- absent (step 1 succeeds but the name is missing) → warn and remind the
operator to run , which installs the App and adds the secret.
/install-github-app - can't verify (step 1 itself errors — e.g. a without repo-admin scope, or
403not installed) → surface it as "couldn't verify the token — please confirmghis set manually", never block or fail the run. A can't-tell is not an absence.CLAUDE_CODE_OAUTH_TOKEN
The App install itself can't be reliably introspected without the App's own token, so the secret's presence is the reliable proxy; thereminder covers installing the App and setting the secret together./install-github-app -
Multi-bundle repos — one manual step. If this repo itself ships several independently-versioned skill bundles,'s
send-itis not auto-written (it isn't inbundleVersioning'ssend-itkey set, so detection has nothing to populate). Add it toconfig.example.jsonby hand —send-it/config.json— to enable the per-bundle version-bump check. Single-package repos skip this.{ "root": "<bundle-dir>", "manifest": "package.json", "skillFile": "SKILL.md" }
-
试运行。从宿主仓库根目录运行捆绑脚本,获取机器可读的预览结果:bash
node <skills-dir>/initialise-skills/scripts/initialise.mjs --dry-run --json是技能包的安装路径(例如<skills-dir>、skills/、.claude/skills/);脚本会根据自身位置自动检测同级技能包,因此通常只需从仓库根目录运行即可。解析JSON结果:包含每个键的.agents/skills/的status数组,以及skills[]、driftKeys和manualKeys字段。totals -
补充事实信息。对于每个标记为的Linear键(
needs-manual-input、linearTeamName),若Linear MCP可用则通过其获取值——团队名称通过linearWorkspaceSlug获取,工作区slug从团队/组织信息中获取——否则询问用户。将这些信息收集到mcp__linear-server__list_teams对象中。同时在此处添加锁文件来源信息:facts(技能安装源仓库的URL——即agent-skills仓库的URL)和lockSource(安装时使用的引用;默认值为lockRef,这是团队约定,除非固定了标签/SHA)。若已存在main文件且已记录这些值,可跳过填写——原有值会被保留。.claude/skills.lock -
展示差异并确认。展示面向人工的报告(重新运行时去掉参数,或渲染解析后的JSON结果)。突出显示即将写入的
--json键、将被保留的inferred键,以及drift键。对于每个needs-manual-input键,询问是否接受检测到的值(按键逐个确认)。将用户接受的键收集到drift映射中,键为技能名称,例如acceptDrift。这是确认环节——未确认前不得执行写入操作。{ "changelog": ["issueKeys"] } -
执行写入。添加参数重新运行脚本,并将收集到的事实信息和偏差确认结果通过标准输入以JSON格式传入:
--writebashecho '{"facts":{"linearTeamName":"…","linearWorkspaceSlug":"…","lockSource":"https://github.com/acme-skunkworks/agent-skills","lockRef":"main"},"acceptDrift":{"changelog":["issueKeys"]}}' \ | node <skills-dir>/initialise-skills/scripts/initialise.mjs --write --json根据返回的字段报告写入内容,同时包含totals字段(其gitignore值为status、added、created或present;若未安装negated,则会跳过preflight步骤,此字段完全不存在)和.gitignore字段(其lock值为status、written或unchanged;would-write表示仍需提供needsFacts: true/lockSource)。lockRef -
验证幂等性。再次运行试运行;除用户选择保留的偏差值和仍未补充的手动值外,所有键的状态都应为。若安装了
unchanged,preflight应显示为gitignore.status(或present,若仓库刻意取消忽略该文件——这也是稳定的无操作状态);若未安装negated,则会跳过preflight步骤,无需检查该字段。.gitignore应显示为lock.status。这证明配置、unchanged和.gitignore均处于稳定状态,未来重新运行时不会产生任何变更。skills.lock -
GitHub应用与令牌检查。若本仓库将运行共享的Claude工作流(及其调用存根),则必须安装GitHub应用,并设置
reusable-claude*.yml仓库Actions密钥——工作流通过该密钥进行身份验证,若令牌为空则会失败(A-646)。所需的密钥是**CLAUDE_CODE_OAUTH_TOKEN,而非CLAUDE_CODE_OAUTH_TOKEN**。ANTHROPIC_API_KEY探测密钥状态(尽力而为——若不可用或未认证则静默跳过;不运行Claude工作流的仓库无需这两者)。将列出密钥和名称检查分为两个独立步骤并分别读取结果——不要合并为一个gh管道命令,因为该命令会将gh … | grep执行错误和密钥实际缺失两种情况报告为相同的失败结果,从而掩盖无法验证的情况:ghbash# 步骤1——列出仓库的Actions密钥;若此处非零退出则表示"无法验证" gh secret list --repo <owner>/<repo> --app actions # 步骤2——仅当步骤1成功时,检查密钥名称是否在输出中- 已存在(步骤1成功且输出中包含该名称)→ 报告正常;无需操作。
- 不存在(步骤1成功但输出中无该名称)→ 发出警告,并提醒操作人员运行****,该命令会安装应用并添加密钥。
/install-github-app - 无法验证(步骤1本身出错——例如无仓库管理员权限导致的,或未安装
403)→ 提示"无法验证令牌——请手动确认gh已设置",绝不阻止或终止运行。无法确认不等于不存在。CLAUDE_CODE_OAUTH_TOKEN
若无应用自身的令牌,无法可靠地检查应用是否已安装,因此密钥的存在状态是可靠的替代指标;的提醒会同时覆盖应用安装和密钥设置操作。无论哪种情况,本工具都能完整运行。/install-github-app -
多技能包仓库——手动步骤。若本仓库本身包含多个独立版本化的技能包,则的
send-it不会被自动写入(它不在bundleVersioning的send-it键集合中,因此检测逻辑无法为其填充内容)。需手动将其添加到config.example.json中——格式为send-it/config.json——以启用按技能包的版本升级检查。单包仓库可跳过此步骤。{ "root": "<bundle-dir>", "manifest": "package.json", "skillFile": "SKILL.md" }
Reviewing an existing config
查看现有配置
To inspect what a repo's skills are currently configured with — without
reconciling or writing anything — run the read-only review:
bash
node <skills-dir>/initialise-skills/scripts/initialise.mjs --reviewFor each installed skill it prints its full : every key's current
value, its classification ( / / / /
/ — see the table above), and a one-line
description of what the key is and where its value comes from, drawn from
. Keys a consumer
set that no skill template knows about show as (kept verbatim, no
description), and template keys not yet present in show as
, so the review is the whole picture rather than just the pending
diff a dry-run would show. The human text shows each key's line, and — for an unset key — the default that
applies until it's configured (set keys omit it, since the live value already
shows what's in effect). Add for the
machine-readable form (a array of entries, plus ). It never writes to
disk and skips the step.
config.jsoninferredunchangeddriftmanual-keptneeds-manual-inputunknown-keptreferences/detectable-keys.mdunknown-keptconfig.json— not setused by … — <detection source>fallback:--jsonskills[]{ key, value, isSet, status, usedBy, detectionSource, fallback }totals.gitignore若要查看仓库中技能的当前配置——无需协调或写入任何内容——可运行只读的查看命令:
bash
node <skills-dir>/initialise-skills/scripts/initialise.mjs --review对于每个已安装的技能,它会打印完整的:每个键的当前值、分类(/////——见上方状态表),以及该键的用途和值来源的单行描述,信息取自。用户设置的、技能模板未定义的键会显示为(完全保留,无描述);模板中存在但中尚未设置的键会显示为,因此该查看命令能展示完整的配置情况,而非仅试运行所显示的待变更差异。面向人工的文本会显示每个键的行;对于未设置的键,会显示默认值(已设置的键会省略此项,因为当前值已显示生效中的配置)。添加参数可获取机器可读格式(包含条目的数组,以及字段)。该命令绝不会写入磁盘,且会跳过步骤。
config.jsoninferredunchangeddriftmanual-keptneeds-manual-inputunknown-keptreferences/detectable-keys.mdunknown-keptconfig.json— not setused by … — <detection source>fallback:--json{ key, value, isSet, status, usedBy, detectionSource, fallback }skills[]totals.gitignoreChanging a setting later
后续修改配置
Once a consumer's exists, hand-editing it is a supported way to
change a setting — you don't have to route every change through this skill. Open
(or wherever the bundle is vendored), change the value,
and save. It is a real file the consumer owns; the shared skills read it at runtime.
config.jsonskills/<name>/config.jsonA manual edit like that survives future re-runs. On the next
run the reconcile classifies your value as — a real value that differs from
what detection would produce — and keeps it, reporting both the kept value and
the detected one (see the status table above). It is
never silently overwritten: drift is only replaced if you explicitly opt in for that
key (the per-key gate in step 3). So a deliberate manual edit and a
detected fact coexist — the tool reconciles the facts it can detect without clobbering
the ones you set by hand.
initialise-skillsdriftacceptDriftPrefer below when you
want the same change made through the tool — it validates the key against the
skill's and preserves key order and formatting — but a direct
hand-edit is equally valid and equally safe.
--set <skill>.<key>=<value>config.example.json一旦用户的存在,手动编辑是修改配置的支持方式——无需每次变更都通过本工具操作。打开(或技能包安装的其他路径),修改值并保存。这是用户拥有的真实文件,共享技能会在运行时读取它。
config.jsonskills/<name>/config.json此类手动编辑会在未来重新运行时保留。下次运行时,协调逻辑会将你的值分类为——即与检测结果不同的实际值——并保留原值,同时报告原值和检测值(见上方状态表)。绝不会被静默覆盖:仅当你明确为该键确认接受检测值时(步骤3中的按键环节),偏差值才会被替换。因此,人为手动编辑的内容与检测到的事实可以共存——工具会协调可检测的事实,同时不会覆盖你手动设置的内容。
initialise-skillsdriftacceptDrift当你希望通过工具进行相同变更时,建议使用下方的方式——它会根据技能的验证键的有效性,并保留键的顺序和格式——但直接手动编辑同样有效且安全。
--set <skill>.<key>=<value>config.example.jsonSetting an arbitrary value
设置任意值
Detection, the stdin , and between them cover every value the
script can derive or accept — but not a value you simply want to choose (a
non-default base branch, a bespoke changelog directory, a boolean toggle). For
those, writes an arbitrary value straight into a
named skill's :
factsacceptDrift--set <skill>.<key>=<value>config.jsonbash
undefined检测逻辑、标准输入的和共同覆盖了脚本可推导或接受的所有值——但不包括你想要自行选择的值(非默认基础分支、定制化变更日志目录、布尔开关等)。对于此类情况,可使用直接将任意值写入指定技能的:
factsacceptDrift--set <skill>.<key>=<value>config.jsonbash
undefineddry-run first (default) — preview the change, write nothing
先试运行(默认)——预览变更,不执行写入
node <skills-dir>/initialise-skills/scripts/initialise.mjs
--set changelog.baseBranch=develop
--set changelog.affectedPackages=false
--set changelog.baseBranch=develop
--set changelog.affectedPackages=false
node <skills-dir>/initialise-skills/scripts/initialise.mjs
--set changelog.baseBranch=develop
--set changelog.affectedPackages=false
--set changelog.baseBranch=develop
--set changelog.affectedPackages=false
re-run with --write to apply
添加--write参数重新运行以应用变更
node <skills-dir>/initialise-skills/scripts/initialise.mjs
--set changelog.baseBranch=develop --write
--set changelog.baseBranch=develop --write
The flag is **repeatable** and the address is `<skill>.<key>` — the skill's bundle
directory name, then a top-level key. The value is parsed as JSON (`true` / `42` /
`["A"]` type correctly) and falls back to a bare string when it isn't valid JSON
(so `develop` stays `"develop"`). It is validated up front, before anything is
written: the skill must be installed, the key must exist in that skill's
`config.example.json` (unknown keys are **refused**, never silently created), and
the value's type must match that key's example placeholder (so a string can't land
in a boolean field). Any failure exits non-zero and touches nothing.
`--set` rides the normal reconcile — detection still runs and your values are
layered on top, winning over what a detector would produce for the same key — and
goes through the same merge/serialise path, so key order and formatting are
preserved and a re-run with the same value is a no-op. It is a write mode, so it
**cannot be combined with `--review`** (which is read-only). In the report a set
key shows as `set to <value> (was <old>)`.node <skills-dir>/initialise-skills/scripts/initialise.mjs
--set changelog.baseBranch=develop --write
--set changelog.baseBranch=develop --write
该参数**可重复使用**,格式为`<skill>.<key>`——技能包目录名,后跟顶层键。值会被解析为JSON(`true`/`42`/`["A"]`类型会被正确识别),若不是有效的JSON则会退化为纯字符串(因此`develop`会保留为`"develop"`)。写入前会进行前置验证:技能必须已安装,键必须存在于该技能的`config.example.json`中(未知键会被**拒绝**,绝不会静默创建),且值的类型必须与该键的示例占位符匹配(因此字符串不能写入布尔字段)。任何验证失败都会导致非零退出,且不会修改任何内容。
`--set`会在正常协调流程之上执行——检测逻辑仍会运行,你设置的值会覆盖检测器针对同一键生成的结果——并通过相同的合并/序列化路径处理,因此会保留键的顺序和格式,若重新运行时使用相同的值则为无操作。这是写入模式,因此**无法与`--review`组合使用**(`--review`是只读模式)。在报告中,通过`--set`设置的键会显示为`set to <value> (was <old>)`。Flags
参数说明
- (default) — detect, merge and report; write nothing.
--dry-run - — apply the reconcile to each skill's
--write.config.json - — read-only. Print every installed skill's full current config: each key's current value, its classification (the same six statuses), and a short description sourced from
--review. Unlike the dry-run it shows the current value of every key — includingreferences/detectable-keys.mdkeys no template knows about — so it is a complete picture, not just the pending diff. Writes nothing and skips theunknown-keptstep. See Reviewing an existing config..gitignore - — repeatable. Write an arbitrary value into a named skill's
--set <skill>.<key>=<value>(a value detection wouldn't produce). The key must exist in that skill'sconfig.jsonand the value's type must match its placeholder, else it's refused. Rides the normal reconcile (dry-run first;config.example.jsonto apply) and overrides detection for that key. Cannot be combined with--write. See Setting an arbitrary value.--review - — emit the machine-readable report (parse this to drive steps 2–3, or to consume the
--jsonsnapshot); human text otherwise.--review - — the host repo the detectors scan (default: cwd).
--repo-root <path> - — where the sibling bundles live (default: auto-detected relative to this script).
--skills-dir <path> - stdin JSON — , read when stdin is piped (not a TTY). Each
{ "facts": { … }, "acceptDrift": { "<skill>": ["<key>"] } }key may be a skill name (acceptDrift) or the repo-relative config path ("changelog"); its value is an array of key names."skills/changelog/config.json"also carries the lock provenancefacts/lockSource(see step 2).lockRef
- (默认)——执行检测、合并并报告;不执行写入。
--dry-run - ——将协调结果应用到每个技能的
--write。config.json - ——只读模式。打印每个已安装技能的完整当前配置:每个键的当前值、分类(与上述六种状态一致),以及来自
--review的简短描述。与试运行不同,它会显示每个键的当前值——包括技能模板未定义的references/detectable-keys.md键——因此能展示完整的配置情况,而非仅待变更差异。不会写入任何内容,且会跳过unknown-kept步骤。详见查看现有配置。.gitignore - ——可重复使用。将任意值写入指定技能的
--set <skill>.<key>=<value>(检测逻辑无法生成的值)。键必须存在于该技能的config.json中,且值的类型必须与占位符匹配,否则会被拒绝。基于正常协调流程运行(先试运行;需添加config.example.json参数以应用),并覆盖该键的检测结果。无法与--write组合使用。详见设置任意值。--review - ——输出机器可读的报告(可解析此报告以驱动步骤2–3,或获取
--json的快照);否则输出面向人工的文本。--review - ——检测器扫描的宿主仓库路径(默认:当前工作目录)。
--repo-root <path> - ——同级技能包的存放路径(默认:根据本脚本位置自动检测)。
--skills-dir <path> - 标准输入JSON——,当标准输入为管道输入(而非终端)时读取。
{ "facts": { … }, "acceptDrift": { "<skill>": ["<key>"] } }的键可以是技能名称(acceptDrift)或仓库相对配置路径("changelog");其值为键名数组。"skills/changelog/config.json"还包含锁文件来源信息facts/lockSource(见步骤2)。lockRef
Checking for updates
检查更新
To see which installed skills are behind the source repo, run the bundled
against a checkout of the source (the consumer holds only its
old vendored copies, so the target versions come from the source):
check-updates.mjsbash
node <skills-dir>/initialise-skills/scripts/check-updates.mjs \
--source <path-to-agent-skills-checkout> [--ref <tag-or-sha>] [--json]It diffs the consumer's against the source's bundle versions —
at (via ) when given, else the source working tree — and prints
the per-skill bump list: (behind — the actionable list), plus
(new upstream skills), , (consumer ahead), and .
targets a specific consumer's lock (default ),
so a fleet orchestrator can check any repo without changing directory. See
for the lock schema.
.claude/skills.lock--refgit showupdatesaddedremoveddowngradesupToDate--lock <path><cwd>/.claude/skills.lockreferences/skills-lock.md若要查看哪些已安装技能落后于源仓库版本,可针对源仓库的检出版本运行捆绑的脚本(用户仅持有旧的本地副本,因此目标版本来自源仓库):
check-updates.mjsbash
node <skills-dir>/initialise-skills/scripts/check-updates.mjs \
--source <path-to-agent-skills-checkout> [--ref <tag-or-sha>] [--json]它会将用户的与源仓库的技能包版本进行对比——若指定则通过获取对应版本,否则使用源仓库的工作区版本——并打印按技能分类的升级清单:(落后版本——需处理的列表),以及(上游新增技能)、(已移除技能)、(用户版本超前)和(已更新至最新)。可指定特定用户的锁文件路径(默认:),因此集群编排工具无需切换目录即可检查任意仓库。锁文件的架构请查看。
.claude/skills.lock--refgit showupdatesaddedremoveddowngradesupToDate--lock <path><cwd>/.claude/skills.lockreferences/skills-lock.mdSafety
安全性说明
- Dry-run first, write only after confirmation. Nothing is written without an
explicit pass gated on the user's go-ahead.
--write - Never clobbers deliberate edits. Drift is preserved unless you opt in per key.
- No deletes, no reordering. Existing keys keep their order; only changed keys
are touched; consumer-added keys are left alone. A malformed existing
is skipped (reported, never overwritten).
config.json - The edit is append-only. One file touched outside a skill's
.gitignoreis the repo's rootconfig.json, and only to append the.gitignoreentry when it is missing — never reordering or removing existing lines, and a no-op once present..preflight-summary.json - The write is deterministic and byte-stable. The other file touched outside a
skills.lockisconfig.json, fully regenerated with sorted keys and no timestamp — so it only rewrites when a version actually changes, and a no-op run leaves it byte-identical. It preserves an existing lock's.claude/skills.lock/sourceand never fabricates them.ref - The GitHub App / token probe is read-only. returns secret names only, never values, and the skill makes no GitHub writes of any kind — on an absent or unverifiable secret it only ever prints a reminder.
gh secret list
- 先试运行,确认后再写入。无明确的参数且未获得用户确认时,不会执行任何写入操作。
--write - 绝不覆盖人为手动编辑内容。偏差值会被保留,除非你按键确认接受检测值。
- 无删除、无重排序。现有键会保持原有顺序;仅修改变更的键;用户添加的键会完全保留。若已有的格式错误,会跳过处理(仅报告,绝不覆盖)。
config.json - 编辑仅追加。在技能
.gitignore之外修改的唯一文件是仓库根目录的config.json,且仅当.gitignore条目缺失时才追加——绝不会重新排序或删除现有行,一旦条目存在即为无操作。.preflight-summary.json - 写入具有确定性和字节稳定性。另一个在
skills.lock之外修改的文件是config.json,它会以排序后的键完全重新生成,且不包含时间戳——因此仅当版本实际变更时才会重写,无操作运行时会保持字节级一致。它会保留已有锁文件的.claude/skills.lock/source值,绝不会凭空捏造。ref - GitHub应用/令牌探测为只读。仅返回密钥名称,绝不会返回值;本工具不会对GitHub执行任何写入操作——若密钥不存在或无法验证,仅会打印提醒信息。
gh secret list
Prerequisites
前置条件
- The skills whose configs you want populated are installed alongside this one.
- A git repository with an remote for full base-branch / issue-key detection (both degrade to sensible fallbacks when absent).
origin - The Linear MCP server for the team name / workspace slug (optional — those two keys are flagged for manual input without it).
- The CLI authenticated with repo-admin scope enables the GitHub App / token probe (step 6). Without that scope (or without
ghat all) the probe can't read the secret list, so it degrades to a "couldn't verify — confirmghmanually" note — a can't-tell, never a failure. The textualCLAUDE_CODE_OAUTH_TOKENreminder is the separate absent outcome, emitted only when the probe succeeds and finds the secret genuinely missing. Either way the skill still runs fully./install-github-app
- 需填充配置的技能已与本工具一同安装。
- 具备远程仓库的git仓库(用于完整检测基础分支/问题键;若缺失则会降级为合理的回退方案)。
origin - 获取团队名称/工作区slug所需的Linear MCP服务器(可选——若无该服务器,这两个键会被标记为需要手动输入)。
- 已认证且具备仓库管理员权限的CLI(用于执行GitHub应用/令牌探测,步骤6)。若无该权限(或未安装
gh),探测无法读取密钥列表,因此会降级为提示"无法验证——请手动确认gh已设置"——无法确认不等于失败。面向文本的CLAUDE_CODE_OAUTH_TOKEN提醒仅在探测成功且确认密钥确实缺失时才会发出。无论哪种情况,本工具都能完整运行。/install-github-app