📦 Repo Discovery Auditor — Repo Discovery 审计or

v1.0.0

审计 an unfamiliar codebase and map architecture, user-facing features, maturity, and risks. Use when the user asks to inspect a repo, summarize the stack,...

0· 0·0 当前·0 累计

by @nalendrax8

开发工具代码生成安全加密 CI/CD

下载技能包

安全扫描

VirusTotal

Pending

查看报告

OpenClaw

安全

high confidence

The 技能's instructions, requirements, and behavior are internally consistent with an 审计工具: it only asks the 代理 to inspect 仓库 files and tie findings to evidence, and it 请求s no 凭证s or 安装s.

评估建议

This 技能应用ears coherent and safe in isolation: it only 图形界面des the 助手 to read 仓库 files and produce an evidence-backed 审计. Before using it, be aware that the 代理 will 访问 any 仓库 content you provide—do not 运行 it on repos contAIning secrets or private data you don't want inspected. Because it's instruction-only, review the 技能.md text yourself and ensure the 代理's file 访问 scope is limited to the repo you intend to 审计. If you need stricter control, 运行 the 审计 in an isolated 环境 or with a copy of the repo ...

详细分析 ▾

✓ 用途与能力

Name/description match the 技能.md: the 技能 is an instruction-only repo 审计or and its 图形界面dance focuses on reading high-签名al files, m应用ing architecture, surfacing risks, and producing handoff notes. It does not ask for unrelated resources or 凭证s.

✓ 指令范围

运行time instructions tell the 代理 to inspect repo files, identify 框架s, flows, maturity, and risks, and tie clAIms to evidence. This is 应用ropriate for the 状态d purpose. There are no instructions to read unrelated 系统 files, 环境 variables, or to transmit 结果s to external 端点s.

✓ 安装机制

No 安装 spec or code is included (instruction-only). README suggests copying the folder into a local 技能s directory, which is a benign local 安装ation step. Nothing is 下载ed or 执行d.

✓ 凭证需求

The 技能 declares no required 环境 variables, 凭证s, or config paths. The 请求ed 访问 (reading 仓库 files) is proportional to the 审计 purpose.

✓ 持久化与权限

always:false and user-invocable:true. 模型 invocation is allowed (default), which is expected for a 技能 that the 代理 will 运行. The 技能 does not 请求 persistent 系统 or cross-技能 configuration changes.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install repo-discovery-auditor

镜像加速npx clawhub@latest install repo-discovery-auditor --registry https://cn.longxiaskill.com

技能文档

Repo Discovery 审计or

Inspect a repo before planning or coding.

Core 工作流启动 with high-签名al files: package 管理器 files 应用 entrypoints and 路由 layouts config files backend or data 命令行工具ent 设置up representative feature pages or 模块s Identify: 框架 and 运行time routing 模型状态 management data layer and auth UI 系统 Map user-facing flows page by page or feature by feature. Look for maturity 签名als: 验证 loading and error 状态s empty 状态s 访问 control reusable abstractions side-effect handling Look for risk 签名als: stale 模式 references duplicated business 记录ic weak typing inconsistent auth or 角色检查s 调试 code and ad-hoc branching Evidence rule

Tie clAIms to actual files or patterns you inspected. Do not clAIm 运行time behavior you did not 验证. If something is inferred from static code only, say so.

Suggested 输出

Return 结果s in this order when useful:

Architecture summary Key stack and structure User-facing feature map What looks mature What looks rough or incomplete 导入ant risks or inconsistencies Best next move Maturity labels

Use simple bands:

mature working but rough unclear or likely incomplete

ExplAIn each label with concrete evidence.

Handoff use

If the repo 审计 will feed implementation work, end with a short section for Codex:

likely files to touch architecture constrAInts risky areas to avoid breaking missing in格式化ion that should be confirmed first

数据来源：ClawHub ↗ · 中文优化：龙虾技能库