← Back to Skills Marketplace
826
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install code-reputation
Description
Semantic code caching for AI agents. Cache, retrieve, and reuse code from prior agent executions.
README (SKILL.md)
Code Cache - Semantic Code Caching for AI Agents
This skill enables semantic code caching via the Raysurfer API.
What It Does
When your agent generates and executes code, Code Cache stores it. When a similar task comes up later, the agent can retrieve and run the cached code instead of regenerating it—saving time and tokens.
Setup
Get your API key from the Raysurfer dashboard and configure it:
# Via environment variable
export RAYSURFER_API_KEY=your_api_key_here
# Or via OpenClaw config
openclaw config set skills.entries.code-cache.apiKey "your_api_key_here"
Available Commands
Search for cached code
/code-cache search \x3Ctask description> [--top-k N] [--min-score FLOAT] [--show-code]
Search for cached code snippets that match a natural language task description.
Options:
--top-k N— Maximum number of results (default: 5)--min-score FLOAT— Minimum verdict score filter (default: 0.3)--show-code— Display the source code of the top match
Example:
/code-cache search "Generate a quarterly revenue report"
/code-cache search "Fetch GitHub trending repos" --top-k 3 --show-code
Get code files for a task
/code-cache files \x3Ctask description> [--top-k N] [--cache-dir DIR]
Retrieve code files ready for execution, with a pre-formatted prompt addition for your LLM.
Options:
--top-k N— Maximum number of files (default: 5)--cache-dir DIR— Output directory (default:.code_cache)
Example:
/code-cache files "Fetch GitHub trending repos"
/code-cache files "Build a chart" --cache-dir ./cached_code
Upload code to cache
/code-cache upload \x3Ctask> --files \x3Cpath> [\x3Cpath>...] [--failed] [--no-auto-vote]
Upload code from an execution to the cache for future reuse.
Options:
--files, -f— Files to upload (required, can specify multiple)--failed— Mark the execution as failed (default: succeeded)--no-auto-vote— Disable automatic voting on stored code blocks
Example:
/code-cache upload "Build a chart" --files chart.py
/code-cache upload "Data pipeline" -f extract.py transform.py load.py
/code-cache upload "Failed attempt" --files broken.py --failed
Vote on cached code
/code-cache vote \x3Ccode_block_id> [--up|--down] [--task TEXT] [--name TEXT] [--description TEXT]
Vote on whether cached code was useful. This improves retrieval quality over time.
Options:
--up— Upvote / thumbs up (default)--down— Downvote / thumbs down--task— Original task description (optional)--name— Code block name (optional)--description— Code block description (optional)
Example:
/code-cache vote abc123 --up
/code-cache vote xyz789 --down --task "Generate report"
How It Works
- Cache Hit: When you ask for code similar to something previously executed, Code Cache returns the cached version instantly
- Cache Miss: When no match exists, your agent generates code normally, then Code Cache stores it for future use
- Verdict Scoring: Code that works gets 👍, code that fails gets 👎—retrieval improves over time
API Reference
The skill wraps these Raysurfer API methods:
| Method | Description |
|---|---|
search(task, top_k, min_verdict_score) |
Unified search for cached code snippets |
get_code_files(task, top_k, cache_dir) |
Get code files ready for sandbox execution |
upload_new_code_snips(task, files_written, succeeded, auto_vote) |
Store new code after execution |
vote_code_snip(task, code_block_id, code_block_name, code_block_description, succeeded) |
Vote on snippet usefulness |
Why Code Caching?
LLM agents repeat the same patterns constantly. Instead of regenerating code every time:
- 30x faster: Retrieve proven code instead of waiting for generation
- Lower costs: Reduce token usage by reusing cached solutions
- Higher quality: Cached code has been validated and voted on
- Consistent output: Same task = same proven solution
Learn more at raysurfer.com or read the documentation.
Usage Guidance
This skill does what it says: it sends and retrieves code to/from Raysurfer using the RAYSURFER_API_KEY. Before installing or using it: (1) Only provide the RAYSURFER_API_KEY if you trust the Raysurfer service and the account scope matches what you intend. (2) Never upload files that contain secrets (API keys, passwords, private keys) or PII — uploaded files are sent to the external service for caching. (3) When using retrieved code, review it before executing in your environment; cached snippets could contain unsafe operations. (4) The Python 'raysurfer' package is required — install it from PyPI and inspect its code if you have concerns. If you need stronger guarantees, ask for a version that supports client-side redaction or explicit filtering of sensitive content before upload.
Capability Analysis
Type: OpenClaw Skill
Name: code-reputation
Version: 1.0.1
The skill is designed for semantic code caching via the Raysurfer API, which involves reading and writing code files locally and communicating with a remote service. It is classified as suspicious due to significant vulnerabilities in `code_cache.py`. Specifically, the `cmd_files` function writes arbitrary content received from the `raysurfer.com` API to a user-specified `--cache-dir`, which could lead to arbitrary file write and potential Remote Code Execution (RCE) if an AI agent is prompted to use a sensitive directory or if the Raysurfer service is compromised. Additionally, the `cmd_upload` function reads local files specified by the user and sends their content to `raysurfer.com`, posing a data exfiltration risk if an agent is tricked into uploading sensitive files. While these capabilities are plausible for the skill's stated purpose, the lack of robust input sanitization and path restrictions makes them high-risk.
Capability Assessment
Purpose & Capability
Name/description (semantic code caching) aligns with the implementation and declared requirement. The skill calls a Raysurfer client, exposes search/files/upload/vote commands, and declares RAYSURFER_API_KEY as the required credential — all of which are expected for a remote code-cache integration.
Instruction Scope
SKILL.md and the CLI instruct the agent/user to retrieve, write, and upload code files. The skill writes retrieved files to a cache directory and reads local files you specify when uploading. This is expected for the feature, but it means user files (including any embedded secrets) will be transmitted to Raysurfer when you run upload — the instructions do not attempt to read arbitrary system files without user-specified paths.
Install Mechanism
There is no install spec; the skill is instruction-only and ships a Python CLI that depends on the public 'raysurfer' package. No external downloads or obscure URLs are used. The only install requirement is a standard Python package (raysurfer), which is proportional to the declared functionality.
Credentials
Only a single environment variable (RAYSURFER_API_KEY) is required and is the declared primary credential — this matches the skill's purpose. Be aware that this key grants access to the external Raysurfer account, and any code contents you upload will be accessible to that service. Do not store secrets or credentials inside code you plan to upload.
Persistence & Privilege
The skill does not request 'always: true' or any elevated platform privileges. It doesn't attempt to change other skills' configs. Normal autonomous invocation is allowed (disable-model-invocation is false) which is expected for skills; nothing else requests persistent system-level privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install code-reputation - After installation, invoke the skill by name or use
/code-reputation - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fix upload/search compatibility with current Raysurfer SDK fields
v1.0.0
Initial release: semantic code caching for AI agents via Raysurfer API
Metadata
Frequently Asked Questions
What is Code Reputation?
Semantic code caching for AI agents. Cache, retrieve, and reuse code from prior agent executions. It is an AI Agent Skill for Claude Code / OpenClaw, with 826 downloads so far.
How do I install Code Reputation?
Run "/install code-reputation" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Code Reputation free?
Yes, Code Reputation is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Code Reputation support?
Code Reputation is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Code Reputation?
It is built and maintained by ryx2 (@ryx2); the current version is v1.0.1.
More Skills