← Back to Skills Marketplace
Code Searcher
by
bytesagain3
· GitHub ↗
· v3.0.0
· MIT-0
381
Downloads
0
Stars
1
Active Installs
11
Versions
Install in OpenClaw
/install code-searcher
Description
Search codebases for patterns, symbols, and TODOs. Use when navigating large codebases.
README (SKILL.md)
code-searcher
Search codebases for patterns, symbols, and TODOs. Use when navigating large codebases.
Commands
find
scripts/script.sh find \x3Cpattern dir>
todo
scripts/script.sh todo \x3Cdir>
refs
scripts/script.sh refs \x3Csymbol dir>
stats
scripts/script.sh stats \x3Cdir>
recent
scripts/script.sh recent \x3Cdir days>
grep
scripts/script.sh grep \x3Ctext dir>
Data Storage
Data stored in ~/.local/share/code-searcher/.
Powered by BytesAgain | bytesagain.com | [email protected]
Usage Guidance
This skill appears to do what it claims: local codebase searches using grep/find. It does not request credentials or perform network calls. Before installing or running it on sensitive systems, review the included scripts (they're small and readable). Note two practical cautions: (1) the scripts create ~/.local/share/code-searcher but don't currently store search results there (harmless but inconsistent with the README); (2) the scripts use unquoted shell variables in a few grep/find calls, which can mishandle patterns with spaces or unusual characters—prefer passing safe, validated paths/patterns or improve the scripts to quote arguments if you plan to use them with untrusted input. If you need stricter guarantees, run the skill in a constrained environment or inspect/modify the scripts to add proper quoting and any logging/persistence behavior you expect.
Capability Analysis
Type: OpenClaw Skill
Name: code-searcher
Version: 3.0.0
The skill contains multiple shell injection vulnerabilities in `scripts/script.sh` because user-supplied arguments (patterns and directories) are passed unquoted to commands like `grep` and `find` (e.g., in `cmd_find` and `cmd_grep`). Additionally, `scripts/the_silver_searcher.sh` is a misleading placeholder script that references a popular third-party tool (The Silver Searcher) without providing any actual functionality. While these issues represent significant security flaws and poor practices, there is no clear evidence of intentional malicious behavior or data exfiltration.
Capability Assessment
Purpose & Capability
Name/description (search codebases) matches the implementation: scripts/script.sh provides find, todo, refs, stats, recent, and grep using grep/find/wc. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md instructs the agent to run the included scripts. The scripts operate on filesystem paths provided by the user and create a data directory (~/.local/share/code-searcher). They do not read unrelated system config or transmit data off-host. Minor mismatch: SKILL.md states 'Data stored in ~/.local/share/code-searcher/', but the script only creates that directory and does not persist search results there.
Install Mechanism
No install spec; this is instruction-only plus local scripts included in the bundle. Nothing is downloaded or written to disk beyond creating the data directory when invoked.
Credentials
The skill does not request environment variables, credentials, or config paths. It references $HOME to create a local data directory, which is proportionate to the stated purpose.
Persistence & Privilege
always:false and no special privileges. The skill does not modify other skills or system-wide settings; its only persistent action is creating a directory in the user's home when run.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install code-searcher - After installation, invoke the skill by name or use
/code-searcher - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.0
v3.0.0: Complete rewrite with real functionality.
v2.0.1
update
v2.0.0
v2.5 standard: Use-when desc, homepage, source, security fix
v1.0.7
yaml-fix+quality
v1.0.6
yaml-fix+quality
v1.0.5
Quality upgrade
v1.0.4
Quality upgrade: custom functionality
v1.0.3
De-template, unique content, script cleanup
v1.0.2
Quality fix: cleaner docs, removed flags
v1.0.1
Quality improvement: better docs, examples, cleaner text
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Code Searcher?
Search codebases for patterns, symbols, and TODOs. Use when navigating large codebases. It is an AI Agent Skill for Claude Code / OpenClaw, with 381 downloads so far.
How do I install Code Searcher?
Run "/install code-searcher" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Code Searcher free?
Yes, Code Searcher is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Code Searcher support?
Code Searcher is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Code Searcher?
It is built and maintained by bytesagain3 (@bytesagain3); the current version is v3.0.0.
More Skills