← Back to Skills Marketplace
Tech Debt Scanner
by
charlie-morrison
· GitHub ↗
· v1.0.0
· MIT-0
59
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install tech-debt-scanner
Description
Scan codebases for technical debt — TODO/FIXME comments, deprecated APIs, complexity hotspots, outdated patterns, missing tests, large files — then prioritiz...
Usage Guidance
This skill appears to do what it says (repo scans and prioritized tech-debt reports). Before using it: (1) Inspect the SKILL.md commands and confirm you are comfortable with running them against the target repository (they read files and run git/npm/pip commands). (2) Ensure the runtime environment has the required tools (ripgrep 'rg', git, find, python3, bc, npm/pip where needed) or adjust the commands. (3) Be aware that npm/pip commands may contact external registries (network access). (4) Test on a non-sensitive or local copy first to verify results. The main inconsistency is that the registry metadata did not list the CLI dependencies the instructions actually require — that should be fixed by the publisher.
Capability Analysis
Type: OpenClaw Skill
Name: tech-debt-scanner
Version: 1.0.0
The tech-debt-scanner skill is a legitimate utility designed to audit codebases for quality issues. It utilizes standard command-line tools such as ripgrep (rg), find, and git to identify TODO markers, cyclomatic complexity, and outdated dependencies. The logic is transparent, aligns perfectly with the stated purpose in SKILL.md, and contains no evidence of data exfiltration, unauthorized network access, or malicious prompt injection.
Capability Assessment
Purpose & Capability
The name and description match what the SKILL.md instructs: searching for TODO/FIXME, complexity hotspots, outdated patterns, missing tests, dependency issues, duplication, and producing a prioritized report. However, the metadata declares no required binaries while the runtime instructions rely on several command-line tools (rg/ripgrep, find, git, npm, pip, python3, bc, wc, rg, etc.). The absence of declared required binaries is an inconsistency but not evidence of malicious intent.
Instruction Scope
All commands and file reads are within the scope of scanning a repository (searching files, running git log, inspecting package manifests, running dependency checks). The skill will read repository files and run package-manager queries (npm outdated, pip list) which contact external registries — this is expected for dependency checks. The instructions do not direct data to unexpected external endpoints or request unrelated system paths or secrets.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk. Nothing is downloaded or written to disk by an installer step.
Credentials
The skill requests no environment variables or credentials (appropriate). But it implicitly requires local tooling and network access to package registries. If run in an environment with restricted network access or without the listed CLIs, parts of the scan will fail. No unexpected credentials or config paths are requested.
Persistence & Privilege
always:false and no install steps; the skill does not request persistent presence or modify other skills or system-wide settings. Autonomous invocation is allowed by default but not excessive given the skill's benign scope.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tech-debt-scanner - After installation, invoke the skill by name or use
/tech-debt-scanner - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of tech-debt-scanner — a tool to detect, prioritize, and help remediate technical debt across codebases.
- Scans for TODO/FIXME/HACK comments, deprecated APIs, complexity hotspots, outdated coding patterns, missing or weak tests, dependency issues, and code duplication.
- Produces actionable, prioritized reports with risk, effort, and impact analysis.
- Offers focused commands for hotspot detection, TODO/FIXME audits, dependency health, and test coverage gaps.
- Utilizes AI reasoning to suggest remediation steps and prioritization.
- Multiple output formats supported (text, JSON).
Metadata
Frequently Asked Questions
What is Tech Debt Scanner?
Scan codebases for technical debt — TODO/FIXME comments, deprecated APIs, complexity hotspots, outdated patterns, missing tests, large files — then prioritiz... It is an AI Agent Skill for Claude Code / OpenClaw, with 59 downloads so far.
How do I install Tech Debt Scanner?
Run "/install tech-debt-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Tech Debt Scanner free?
Yes, Tech Debt Scanner is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Tech Debt Scanner support?
Tech Debt Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Tech Debt Scanner?
It is built and maintained by charlie-morrison (@charlie-morrison); the current version is v1.0.0.
More Skills