📦 Deslop — 清理AI代码
v1.0.0通过审查 diff,删除不一致的防御性噪音,保留行为与本地风格,一键清除分支中的 AI 风格代码冗余。
0· 556·5 当前·6 累计
by 下载技能包
最后更新
2026/2/26
安全扫描
OpenClaw
可疑
medium confidenceThe skill's instructions match its stated purpose (clean code diffs), but there are internal inconsistencies—most notably undeclared required tooling and vague edit/commit behavior—so proceed with caution and set operational safeguards.
评估建议
This skill appears to be what it claims (clean up generated-code 'slop'), but it has a few practical gaps you should address before allowing it to run with write access to a repo: 1) Ensure the runtime has the tools SKILL.md assumes (git, rg, bun) or update the skill to declare them. 2) Decide an explicit workflow for code edits: run in a sandboxed branch, require human review or PRs, and keep backups so changes are reversible. 3) Require CI/tests to run on any changes (the skill suggests runnin...详细分析 ▾
✓ 用途与能力
The name, description, heuristics document, and workflow all align: this skill is intended to scan branch diffs and remove AI-style 'slop' while preserving behavior and style. There are no requested credentials or unrelated capabilities in metadata.
ℹ 指令范围
SKILL.md instructs the agent to run git diff, use ripgrep (rg) to build candidate lists, and run project checks (bun check, bun typecheck), then edit files and 'fix regressions'. These actions are within the stated purpose (review and edit code), but the instructions are somewhat open-ended about committing changes, authorizing edits, and what counts as an acceptable fix. The guardrails are sensible but rely heavily on subjective judgment, so human review and explicit commit/PR policies are recommended.
✓ 安装机制
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That minimizes installation risk.
⚠ 凭证需求
The skill declares no required environment variables or credentials (appropriate), but SKILL.md expects tools that are not declared as required: git, rg (ripgrep), and bun. This mismatch is noteworthy because the agent may assume those tools are available or attempt to run them; lack of explicit declared binaries is an operational/integrity gap rather than a secret-exfiltration risk.
✓ 持久化与权限
always is false and there is no install or configuration of persistent privileges. The skill does instruct modifying repo files, but it does not request system-level persistence or modify other skills/configurations.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/2/25
Initial publish
● 无害
安装命令
点击复制官方npx clawhub@latest install deslop
镜像加速npx clawhub@latest install deslop --registry https://cn.longxiaskill.com