shiplog
shiplog is an AI development “skill” that uses Git and GitHub to persist engineering context across sessions by capturing brainstorms as issues, creating isolated work sessions (branches/worktrees), logging commit context, and writing PR “journey” timelines. It also supports cross-model review/provenance/signing conventions, evidence-linked closure, and artifact metadata for later search.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security posture is partially dependent on the user’s `gh` authentication; no details are provided on token handling within shiplog itself. The workflow persists detailed reasoning/decision context into GitHub issues/PR bodies and a potential `--log` branch, which increases data exposure risk if that content includes sensitive information.
⚡ Reliability
Best When
You want long-term, queryable traceability of “why” behind changes created with AI assistants (Claude Code/Codex/Cursor) and you already use GitHub+gh in a normal repo workflow.
Avoid When
You require an offline-only system with no GitHub writes, or you need fine-grained, auditable permission scoping without using a user’s gh authentication context.
Use Cases
- • Persisting design decisions and rationale for AI-assisted coding across model/sessions
- • Turning brainstorms into searchable GitHub issues with tasks/alternatives
- • Structured work sessions per issue (branches/worktrees) and resumable sessions
- • Cross-model review gates and signed review provenance to reduce self-review
- • Tracking discoveries during work and routing them into inline fixes, stacked PRs, or new issues
- • Evidence-linked closure to avoid closing without proof and to link PR/commit/decision artifacts
Not For
- • Teams that do not use GitHub or cannot use the GitHub CLI (gh)
- • Workflows requiring a strict REST/SDK-only integration without relying on git/gh commands and local repo state
- • Organizations that cannot approve storing decision context in GitHub issues/PR bodies or in a secondary “--log” branch
Interface
Authentication
README states only `gh` CLI is required, authenticated via `gh auth login`. No additional auth mechanisms are described.
Pricing
No pricing information provided in the supplied content.
Agent Metadata
Known Gotchas
- ⚠ Relies on `gh` CLI and git state (worktrees/branches). Agent use may fail if repo/branch conventions diverge from expectations.
- ⚠ Because it writes to GitHub issues/PR bodies and may use a separate `--log` branch, users should ensure appropriate permissions and privacy controls before enabling in sensitive repos.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for shiplog.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.