← Back to Skills Marketplace
3638
Downloads
2
Stars
17
Active Installs
1
Versions
Install in OpenClaw
/install codebuddy-code
Description
CodeBuddy Code CLI installation, configuration and usage guide. CodeBuddy Code is Tencent's AI-powered CLI programming assistant supporting natural language driven development.
- MANDATORY TRIGGERS: CodeBuddy, codebuddy, AI CLI, Tencent AI coding, @tencent-ai/codebuddy-code, terminal AI assistant
- Use when: installing CodeBuddy CLI, configuring CodeBuddy, using CodeBuddy commands, troubleshooting CodeBuddy issues
README (SKILL.md)
CodeBuddy CLI Skill
AI-powered terminal programming assistant from Tencent.
Installation
# Check prerequisites
node -v # Requires Node.js 18+
npm -v
# Install globally
npm install -g @tencent-ai/codebuddy-code
# Verify
codebuddy --version
Quick Start
- Navigate to project directory
- Run
codebuddyto start interactive session - Choose login method:
- Google/GitHub: International version (Gemini, GPT models)
- WeChat (微信): China version (DeepSeek models)
CLI Arguments
| Argument | Description |
|---|---|
codebuddy "\x3Cprompt>" |
Execute single task |
-y / --dangerously-skip-permissions |
Skip permission confirmations (sandbox only) |
-p / --print |
Single execution mode (requires -y for file ops) |
--permission-mode \x3Cmode> |
acceptEdits, bypassPermissions, default, plan |
--version |
Show version |
Examples
# Interactive mode
codebuddy
# Single task
codebuddy "帮我优化这个函数的性能"
codebuddy "生成这个 API 的单元测试"
codebuddy "检查这次提交的代码质量"
# Skip permissions (sandbox only)
codebuddy -p "Review code quality" -y
Slash Commands
| Command | Description |
|---|---|
/help |
Display available commands |
/status |
Show account info and current model |
/login |
Switch accounts |
/logout |
Sign out |
/clear |
Reset conversation history |
/exit |
End session |
/config |
Open configuration |
/doctor |
Diagnose issues |
/cost |
Token usage statistics |
/init |
Generate CODEBUDDY.md project guide |
/memory |
Edit project memory files |
Type ? during session for keyboard shortcuts.
Custom Commands
Create .md files in:
- Project:
.codebuddy/commands/ - Global:
~/.codebuddy/commands/
Update
npm install -g @tencent-ai/codebuddy-code
Security Notes
--dangerously-skip-permissions risks: file deletion, scope creep, data loss. Never use in production.
Usage Guidance
This skill is a coherent install/use guide for a CodeBuddy CLI, but the SKILL.md does not provide a homepage or source repository to verify the npm package. Before running npm install -g @tencent-ai/codebuddy-code: 1) look up the package on the npm registry and confirm the publisher/organization is legitimate (check the maintainer/owner and package versions); 2) find and review the project repo or homepage (if available) to inspect code or at least read README and issues; 3) prefer running via npx or in a container/sandbox first instead of a global install; 4) avoid using the -y/--dangerously-skip-permissions flag in real projects; 5) if you must install globally, inspect package contents or run virus/malware scans and consider limiting network/credential access for the first runs. If you can provide the package/npm link or repository, I can re-evaluate with higher confidence.
Capability Analysis
Type: OpenClaw Skill
Name: codebuddy-code
Version: 1.0.1
The skill is classified as suspicious due to the explicit documentation of highly risky CLI arguments, specifically `--dangerously-skip-permissions` and `--permission-mode bypassPermissions`, within the `SKILL.md` file. These instructions teach the AI agent how to bypass security confirmations for file operations, which the documentation itself warns can lead to 'file deletion, scope creep, data loss.' While the skill includes a warning against using these flags in production, their presence and example usage create a significant prompt injection vulnerability, allowing a malicious user to potentially trick the agent into performing unauthorized and harmful file system actions.
Capability Assessment
Purpose & Capability
Name/description match the instructions: the SKILL.md describes installing and using a CodeBuddy CLI and all steps (npm install, CLI commands, config paths) are consistent with that purpose. The triggers and usage contexts align with a CLI assistant.
Instruction Scope
Runtime instructions are limited to installing the npm package, running the CLI, using its flags and commands, and where to place custom command files. There are no instructions to read unrelated system files, exfiltrate data, or access unrelated environment variables. The guide warns about the risky -y flag.
Install Mechanism
The skill is instruction-only and tells users to run npm install -g @tencent-ai/codebuddy-code — this is a normal install flow for a CLI. However, the skill metadata lacks a homepage or source repository, so the authenticity of the npm package cannot be verified from the skill alone; that raises a trust/typosquatting concern when installing a global package.
Credentials
The skill does not request environment variables or credentials. It mentions login methods (Google/GitHub/WeChat) as user-facing auth flows, which is appropriate and expected for a CLI that interacts with remote models.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It only instructs installing a global CLI (which is user-level persistence) and writing config/custom commands to ~/.codebuddy or a project folder — these are standard for a CLI tool.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install codebuddy-code - After installation, invoke the skill by name or use
/codebuddy-code - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added detailed CLI installation, configuration, and usage guide for CodeBuddy Code (Tencent's AI-powered programming assistant).
- Documented login methods, CLI arguments, slash commands, and usage examples for both sandbox and production environments.
- Included instructions for creating custom commands and updating the tool.
- Provided important security warnings for potentially dangerous flags.
- This version enhances onboarding and supports troubleshooting for all users of the CodeBuddy CLI.
Metadata
Frequently Asked Questions
What is CodeBuddy Code for OpenClaw?
CodeBuddy Code CLI installation, configuration and usage guide. CodeBuddy Code is Tencent's AI-powered CLI programming assistant supporting natural language driven development. - MANDATORY TRIGGERS: CodeBuddy, codebuddy, AI CLI, Tencent AI coding, @tencent-ai/codebuddy-code, terminal AI assistant - Use when: installing CodeBuddy CLI, configuring CodeBuddy, using CodeBuddy commands, troubleshooting CodeBuddy issues. It is an AI Agent Skill for Claude Code / OpenClaw, with 3638 downloads so far.
How do I install CodeBuddy Code for OpenClaw?
Run "/install codebuddy-code" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is CodeBuddy Code for OpenClaw free?
Yes, CodeBuddy Code for OpenClaw is completely free (open-source). You can download, install and use it at no cost.
Which platforms does CodeBuddy Code for OpenClaw support?
CodeBuddy Code for OpenClaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created CodeBuddy Code for OpenClaw?
It is built and maintained by Jiayu (@pmwalkercao); the current version is v1.0.1.
More Skills