← Back to Skills Marketplace
Codebase Intelligence
by
michealxie001
· GitHub ↗
· v1.0.0
· MIT-0
99
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install codebase-intelligence
Description
Intelligent codebase analysis and understanding with caching. Automatically explores project structure, identifies modules, analyzes dependencies, and answer...
README (SKILL.md)
Codebase Intelligence
智能代码库分析工具,自动理解项目结构、模块边界和依赖关系。
Version: 1.0
Features: 增量索引缓存、符号搜索、智能问答、架构图生成
Quick Start
1. 首次索引(自动缓存)
cd /path/to/project
python3 /path/to/codebase-intelligence/scripts/main.py analyze .
第一次会创建 .codebase-intelligence/ 目录并缓存索引。后续查询秒开!
2. 智能问答
# 查找代码位置
python3 main.py ask "Where is authentication implemented?"
# 了解工作流程
python3 main.py ask "How does the user login flow work?"
# 查找如何修改
python3 main.py ask "What files need to change to add OAuth?"
3. 符号搜索
# 查找类定义
python3 main.py analyze --symbol "UserManager" --symbol-type class
# 查找函数
python3 main.py analyze --symbol "authenticate" --symbol-type func
4. 依赖分析
# 查看文件依赖什么
python3 main.py deps src/auth.py
# 查看什么依赖这个文件
python3 main.py deps src/utils.py --reverse
5. 生成架构图
# Mermaid 图
python3 main.py diagram --format mermaid
# 流程图
python3 main.py diagram --format mermaid-flow --entry-points main.py app.py
Commands
| 命令 | 功能 | 示例 |
|---|---|---|
analyze |
分析代码库(带缓存) | main.py analyze . --stats |
analyze --search |
搜索文件 | main.py analyze --search "auth" |
analyze --symbol |
查找符号 | main.py analyze --symbol "User" |
ask |
智能问答 | main.py ask "How does X work?" |
deps |
依赖分析 | main.py deps src/main.py --reverse |
diagram |
生成图表 | main.py diagram --format mermaid |
index |
更新索引 | main.py index --export index.json |
Features
✅ 增量缓存
- 首次分析后自动缓存
- 后续只更新修改过的文件
- 大型项目也能秒开
# 第一次:建立索引(可能需要几秒)
python3 main.py analyze .
# 第二次:秒开!
python3 main.py analyze . # 瞬间完成
✅ 符号索引
自动索引:
- 函数定义
- 类/接口定义
- 导入语句
- 文件元数据(语言、行数)
✅ 智能问答
支持问题类型:
- Location: "Where is X?" → 定位代码
- How it works: "How does X work?" → 理解流程
- Definition: "What is X?" → 查找定义
- Dependencies: "What depends on X?" → 依赖分析
- Modification: "How to add X?" → 修改建议
✅ 多语言支持
| 语言 | 符号解析 | 依赖提取 |
|---|---|---|
| Python | ✅ | ✅ |
| JavaScript/TypeScript | ✅ | ✅ |
| Go | ✅ | ✅ |
| Java | ✅ | ✅ |
| Rust | ✅ | ⚠️ |
| Ruby | ⚠️ | ⚠️ |
| PHP | ⚠️ | ⚠️ |
Examples
场景 1:接手新项目
# 1. 获取整体概览
python3 main.py analyze /path/to/project --stats
# 2. 了解主要模块
python3 main.py analyze --search "module"
# 3. 查找核心类
python3 main.py analyze --symbol "App" --symbol-type class
# 4. 了解工作流程
python3 main.py ask "How does data flow through the system?"
# 5. 生成架构图
python3 main.py diagram --format mermaid-component
场景 2:重构前分析
# 1. 检查谁依赖要重构的模块
python3 main.py deps src/old-module.py --reverse --depth 3
# 2. 了解影响范围
python3 main.py ask "What would break if I refactor the auth module?"
# 3. 查看修改建议
python3 main.py ask "How to migrate from class X to class Y?"
场景 3:代码审查
# 查看变更影响
python3 main.py ask "What depends on src/utils/helpers.py?"
Configuration
忽略文件
在 .codebase-intelligence.json 中配置:
{
"ignore": [
"node_modules",
".git",
"*.test.js",
"vendor/"
],
"entryPoints": [
"src/main.py",
"src/index.js"
]
}
缓存位置
默认缓存位置:\x3Cproject>/.codebase-intelligence/codebase_index.pkl
也可以指定:
python3 main.py analyze . --cache-dir /path/to/cache
Output Formats
Markdown Report
python3 main.py analyze --stats
包含:
- 项目概览
- 语言分布表
- 模块结构树
- 符号统计
JSON Export
python3 main.py index --export index.json
结构化数据,包含完整索引信息。
Mermaid Diagrams
python3 main.py diagram --format mermaid
可直接在 Markdown/GitHub/GitLab 中渲染。
Performance
| 项目规模 | 首次索引 | 增量更新 |
|---|---|---|
| 小 (\x3C100文件) | \x3C1s | \x3C0.1s |
| 中 (100-1000文件) | 2-5s | \x3C0.5s |
| 大 (1000-5000文件) | 10-30s | \x3C2s |
Files
skills/codebase-intelligence/
├── SKILL.md # 本文件
└── scripts/
├── main.py # ⭐ 统一入口
├── indexer.py # 索引引擎(带缓存)
├── ask_v2.py # 智能问答
├── analyze.py # 基础分析
├── deps.py # 依赖分析
└── diagram.py # 图表生成
Integration
Git Hooks
# .git/hooks/pre-commit
python3 scripts/main.py index
CI/CD
# .github/workflows/analysis.yml
- name: Analyze Codebase
run: |
python3 scripts/main.py analyze --stats
python3 scripts/main.py diagram --format mermaid > architecture.md
Next Steps / Roadmap
- 增量缓存
- 符号索引
- 智能问答
- AST 解析(提高准确性)
- 接入 LLM(语义理解)
- 实时 watch 模式
- Web UI
Production Ready? ✅
当前状态:可用,适合日常使用
- 缓存机制 ✅
- 增量更新 ✅
- 符号索引 ✅
- 智能问答 ✅
- 性能优化 ✅
待完善:
- AST 解析(当前使用正则,有 5-10% 误差)
- LLM 集成(当前基于关键词匹配)
Usage Guidance
What to check before installing or running this skill:
- Review indexer.py and scripts/main.py in full for any network calls, subprocess/os.system usage, or imports of third-party libraries that might reach out to external services. The truncated snippets don't show network calls, but the indexer was not fully shown.
- Be cautious about running it against sensitive repositories: the tool indexes and caches full file contents under <project>/.codebase-intelligence/, so secrets or credentials in the repo will be read and stored locally.
- The SKILL.md mentions a cache file named codebase_index.pkl. If the code loads that file using pickle, loading an attacker-controlled pickle can execute arbitrary code. Confirm the cache format and refuse to load caches from untrusted locations.
- The bundle contains incomplete/truncated code and apparent syntax/logic issues in the provided snippets (e.g., truncated functions/lines). That indicates it may crash or behave unexpectedly; treat it as not production-ready until fixed.
- Do not add the suggested git hook to important repositories until you have reviewed the hook script; adding it will cause the tool to run automatically on commits.
- If you want to try it, run it in a disposable/sandboxed environment and against a non-sensitive repository first. Consider running Python in a virtualenv and inspect the created cache directory after indexing.
If you want, I can: (1) scan the remaining/truncated files for network or unsafe deserialization usage, (2) point out exact lines that indicate syntax errors, or (3) suggest safer alternatives for caching (e.g., JSON rather than pickle) and sandboxed invocation commands.
Capability Analysis
Type: OpenClaw Skill
Name: codebase-intelligence
Version: 1.0.0
The codebase-intelligence skill bundle is a legitimate tool designed for local project analysis, indexing, and architectural visualization. It uses standard Python libraries to traverse the filesystem, parse source code for symbols and imports, and generate reports or Mermaid diagrams. While it uses pickle for caching in indexer.py (a common but technically risky practice if cache files are tampered with), there is no evidence of data exfiltration, unauthorized network access, or malicious command execution. The instructions in SKILL.md are consistent with the tool's stated functionality.
Capability Assessment
Purpose & Capability
Name/description match the included scripts (analyze, indexer, ask, deps, diagram). The code is a local indexer/search/diagram tool and does not declare external credentials or binaries. However, the SKILL.md and some file headers claim LLM integration and production readiness while the provided scripts appear regex-based and limited; that is an overstated capability relative to the shipped code.
Instruction Scope
SKILL.md instructs running the Python scripts against an entire project and creating a cache under <project>/.codebase-intelligence/. That behavior is expected for this purpose, but it will read and index all files under the target path (including any secrets or config checked into the repo). The docs also suggest adding a pre-commit git hook (optional) which would execute indexing on git operations — a change to repository hooks that the user must explicitly authorize. The docs refer to a pickle cache file (.codebase-intelligence/codebase_index.pkl); if the code uses pickle for loading cache, that can be a remote code execution vector if an attacker can tamper with the cache file.
Install Mechanism
There is no install spec (instruction-only skill plus bundled Python scripts). No external installers, downloads, brew/npm, or network fetches are declared in SKILL.md. Running these scripts requires only Python available on the system.
Credentials
No environment variables, credentials, or config paths are required by the skill metadata or visible code. That is proportional to a local code analysis tool. Note: because the tool indexes entire repositories, it will read any files present in the target directory (including credentials committed into the repo) — this is expected but worth flagging.
Persistence & Privilege
always is false and the skill does not request system-wide privileges. It writes a cache directory inside the project (as documented). The only persistence-like suggestion is an optional git hook sample; adding that hook would be a repository change and should be applied only after review. No evidence in the provided snippets of the skill modifying other agent or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install codebase-intelligence - After installation, invoke the skill by name or use
/codebase-intelligence - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Incremental caching, symbol indexing, smart Q&A, and diagram generation
Metadata
Frequently Asked Questions
What is Codebase Intelligence?
Intelligent codebase analysis and understanding with caching. Automatically explores project structure, identifies modules, analyzes dependencies, and answer... It is an AI Agent Skill for Claude Code / OpenClaw, with 99 downloads so far.
How do I install Codebase Intelligence?
Run "/install codebase-intelligence" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Codebase Intelligence free?
Yes, Codebase Intelligence is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Codebase Intelligence support?
Codebase Intelligence is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Codebase Intelligence?
It is built and maintained by michealxie001 (@michealxie001); the current version is v1.0.0.
More Skills