💻
Developersafety: read-only

RepoPilot

Codebase Intelligence Agent

An OpenClaw agent that synthesizes daily changelogs across repos, summarizes PRs with risk scoring, monitors dependency vulnerabilities with upgrade plans, and tracks tech debt with prioritized refactor suggestions.

Install

tinkerclaw install repopilot

Requires the TinkerClaw CLI. Install guide →

What it does

Daily changelog synthesis across repos

PR review summaries with risk scoring

Dependency vulnerability monitoring with upgrade plans

Tech debt tracker with prioritized refactor suggestions

Skills (4)

Installed into your agent's workspace

repopilot-changelog

Synthesize a structured changelog from git commit history with categorized changes and contributor attribution.

repopilot-deps

Scan dependencies for known vulnerabilities, outdated packages, and license compliance issues.

repopilot-pr-review

Generate PR review summaries with risk scoring, change impact analysis, and actionable review suggestions.

repopilot-techdebt

Track technical debt through complexity metrics, churn analysis, and hotspot detection across codebases.

Automations (3)

RepoPilot — Daily Changelog

enabled

08:00 AM · weekdays (UTC)

cron: 0 8 * * 1-5 · tz: Etc/UTC

What the agent does on this trigger

Run repopilot-changelog. Synthesize commits since last run into a daily changelog. Read-only policy: never push code or merge PRs.

RepoPilot — Weekly Dependency Scan

enabled

09:00 AM · every Mon (UTC)

cron: 0 9 * * 1 · tz: Etc/UTC

What the agent does on this trigger

Run repopilot-deps. Perform full dependency vulnerability scan across all configured repos. Flag critical and high severity findings. Read-only mode enforced.

RepoPilot — Monthly Tech Debt Report

enabled

09:00 AM · day 1 each month (UTC)

cron: 0 9 1 * * · tz: Etc/UTC

What the agent does on this trigger

Run repopilot-techdebt. Generate monthly tech debt report with complexity trends, hotspot analysis, and recommended actions. Read-only mode enforced.

Integrations & requirements

Primary integration mode
Hybrid: local git plus GitHub/GitLab APIs
MCP status
No dedicated MCP integration
Supported today
  • Local git analysis and repo scanning
  • GitHub REST usage via `GITHUB_TOKEN` in PR review flows
  • Optional GitLab token support in docs

Files this agent creates

Written under ~/.openclaw/workspace-repopilot/

USER.mdchangelogs/daily-changelog.mdchangelogs/weekly-summary.md.state/last-changelog-run.jsondeps/vulnerability-report.mddeps/scan-results.json.state/last-dep-scan.jsonreviews/pr-summaries.mdreviews/risk-scores.jsontechdebt/monthly-report.mdtechdebt/hotspots.json.state/last-techdebt-run.json

Install & configure

  1. 1. Install the agent pack

    tinkerclaw install repopilot

  2. 2. Configure your preferences

    Edit the per-agent USER.md to set tone, timezone, and any agent-specific preferences:

    ~/.openclaw/workspace-repopilot/USER.md

  3. 3. Keep it up to date

    tinkerclaw update repopilot

Highlights

  • Works with any Git repo — GitHub, GitLab, Bitbucket
  • PR risk scoring based on diff size, file sensitivity, and test coverage
  • Dependency CVE monitoring with actionable upgrade paths