← Back to Skills Marketplace

python-code-analyz

Name: python-code-analyz
Author: sujian0606-cpu

by sujian0606-cpu · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

118

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install python-code-analyz

Description

专业Python代码分析与优化，支持语法检查、安全扫描、性能评估、复杂度分析及重构后的优化代码生成。

Usage Guidance

This skill appears coherent with its stated purpose (static Python analysis and auto-refactoring) and doesn't ask for credentials or download code from arbitrary URLs. Before installing or running: 1) Inspect the remaining parts of analyzer.py (the provided snippet was truncated) to confirm there are no hidden network calls or file exfiltration; 2) Run the tool in a sandboxed environment or container first; 3) Do not run publish.sh unless you intend to publish and have the ClawHub CLI and account — it requires a logged-in user and will call clawhub publish; 4) Treat example code that includes hardcoded API keys as purely illustrative and never copy such secrets into real projects. If you want, I can fully scan the remaining parts of analyzer.py (provide the truncated portion) or run a targeted static check for network/subprocess/file-write patterns.

Capability Analysis

Type: OpenClaw Skill Name: python-code-analyz Version: 1.0.0 The 'Code Analyzer' skill is a legitimate static analysis tool designed to identify security vulnerabilities, performance issues, and code quality smells in Python code. The core logic in `analyzer.py` uses the standard `ast` module to parse code and detect risks such as SQL injection, command injection, and hardcoded secrets without executing the analyzed code or performing unauthorized network/file operations. The bundle's documentation (SKILL.md, README.md) and supporting scripts (publish.sh, example.py) are consistent with its stated purpose of providing automated code reviews and optimization suggestions.

Capability Assessment

✓ Purpose & Capability

Name/description (Python code analysis, security/performance checks, refactoring) align with the included code, docs, and examples. The code implements AST-based checks, secret pattern detection, timeout checks, SQL/command injection heuristics, etc., which are expected for this purpose. Repository metadata and SKILL.md match the analyzer functionality.

ℹ Instruction Scope

SKILL.md instructs standard repo actions (git clone, pip install -r requirements.txt, run analyzer or paste code for analysis). It does not instruct reading unrelated host files or sending data to unexpected external endpoints. Minor notes: example.py writes a sample file to /tmp (benign but will create/overwrite files there), SKILL.md and README contain placeholder GitHub URLs (yourusername) which are not real — verify repository/source before cloning. The example includes a hardcoded API key purely as demonstration; treat such examples as insecure if copied into production.

✓ Install Mechanism

There is no automated install spec in the registry metadata (instruction-only skill). SKILL.md suggests pip install from local repo and requirements.txt is empty (standard-library-only), so no remote installers or downloads are required. publish.sh and PUBLISH.md call a ClawHub CLI for publishing only; they do not download arbitrary code. Overall low install risk.

✓ Credentials

The skill requests no environment variables, no credentials, and no config paths. The code recommends using environment variables for secrets (os.getenv) in suggestions but does not require any secrets. No evidence of credential exfiltration or calls that would need unrelated credentials.

✓ Persistence & Privilege

Flags are standard: always:false, user-invocable:true, autonomous invocation allowed (default). The skill does not request permanent system presence or modify other skills' configs. publish.sh contains operations to publish the skill (requires clawhub login) but that is a normal developer helper and not an elevation of privilege.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install python-code-analyz
After installation, invoke the skill by name or use /python-code-analyz
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

python-code-analyz v1.0.0 - Initial release of the Python code analysis and optimization skill - Provides syntax checks, security vulnerability scanning, and performance improvement suggestions - Generates directly usable, refactored code based on analysis - Supports CLI usage, Python API integration, and agent-mode code review - Includes severity-based issue ranking and a customizable rules/config system

Metadata

Slug python-code-analyz

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is python-code-analyz?

专业Python代码分析与优化，支持语法检查、安全扫描、性能评估、复杂度分析及重构后的优化代码生成。 It is an AI Agent Skill for Claude Code / OpenClaw, with 118 downloads so far.

How do I install python-code-analyz?

Run "/install python-code-analyz" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is python-code-analyz free?

Yes, python-code-analyz is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does python-code-analyz support?

python-code-analyz is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created python-code-analyz?

It is built and maintained by sujian0606-cpu (@sujian0606-cpu); the current version is v1.0.0.

More Skills