📦 source code analysis — 实用工具

Name: source code analysis — 实用工具
Rating: 1

v1.0.1

技能 should used when 用户 asks "分析 source code", "understand codebase", "perform code 分析", "study 项目", "explain th...

1· 232·0 当前·0 累计

by @river-zhanglh

代码生成数据分析 AI模型访问开发工具

下载技能包

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

high confidence

This is an instruction-only skill that provides a structured 7-step methodology for analyzing source code; it requests no installs, credentials, or unusual access, so its declared footprint matches its purpose — but exercise normal caution when executing untrusted code or giving repository access.

评估建议

This skill is coherent and lightweight, but it recommends running and debugging repository code as part of analysis. Before using it: (1) avoid giving access to secrets or credentials; (2) run any code in an isolated/sandboxed environment (container, VM, ephemeral runner); (3) restrict network access if you don't trust the code; (4) review any outputs the agent emits before sharing externally; and (5) if you plan to let the agent operate on a private repo, audit what files it can read. These pre...

详细分析 ▾

✓ 用途与能力

The skill's name and description match the SKILL.md content: a methodology for analyzing codebases. It doesn't request unrelated binaries, credentials, or config paths, so required resources are proportionate to its stated purpose.

ℹ 指令范围

Instructions stay on-topic (read READMEs, inspect directory structure, trace call paths, run/debug code). They do recommend running and debugging code and examining build/test/deployment processes — behavior appropriate for code analysis but potentially risky if the agent executes untrusted code or has broad filesystem/network access. The SKILL.md does not instruct any unexpected data exfiltration or access to secrets.

✓ 安装机制

No install spec and no code files (instruction-only). Nothing will be written to disk by the skill itself during installation.

✓ 凭证需求

No environment variables, credentials, or config paths are required. The declared environment access is minimal and appropriate for an analysis methodology document.

✓ 持久化与权限

always is false and the skill is user-invocable; it does not request persistent or elevated platform privileges. Autonomous invocation is allowed by default (not flagged here) but is not combined with other high-risk requests.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install source-code-analysis

镜像加速npx clawhub@latest install source-code-analysis --registry https://cn.longxiaskill.com镜像同步中

需要定制？告诉我你的需求 →

数据来源：ClawHub ↗ · 中文优化：龙虾技能库