← Back to Skills Marketplace
uniapp项目分析器 (脚本版)
by
include5943
· GitHub ↗
· v1.0.0
· MIT-0
106
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install uniapp-analyzer-script
Description
脚本版 (PowerShell) - 精确统计离线分析,依赖 skill-seekers
Usage Guidance
What to consider before installing/running:
- The tool is an offline project analyzer and its requirements (a 'skill-seekers' engine) make sense for that purpose, but the implementation has bugs/inconsistencies (config merging and exclusion lists) — expect to test on a non-critical project first.
- Running the script may attempt to pip install 'skill-seekers' (network download). If you are concerned, install and inspect that package manually (pip install --no-deps --download or review its source) before allowing the script to auto-install.
- Deep analysis parses manifest.json / package.json and will record AppIDs, plugin names and other metadata; do not run this on repositories that contain secrets or sensitive credentials you do not want written to temporary output directories. Use Preview mode first to see which files would be analyzed.
- Because the config handling appears not to merge type-specific configs correctly and some configs exclude package.json, behavior may be unexpected; verify detection and exclusion behavior on a test repo and use the --preview/-Preview flag to check the file list before proceeding.
- Best practice: run the tool inside an isolated environment (container or VM) or on a copy of the repository, examine generated analysis files before sharing them, and review the 'skill-seekers' package source if you plan to use this in production.
Capability Assessment
Purpose & Capability
Name/description match the included scripts and configs: the tool inspects uni-app/Vue files, computes code-quality metrics and generates reports. Requiring 'skill-seekers' (the external analysis engine) is consistent with the stated design. However there are incoherences in the shipped implementation: SKILL.md describes merging base + type configs and parsing package.json for Vue detection, but the provided load_config implementation appears to only cat the base config (it does not merge the type-specific config). Additionally the configs list 'package.json' in excluded files for project types, which contradicts the SKILL.md's stated deep-analysis of package.json. These are design/engineering issues (not obviously malicious) but reduce internal consistency.
Instruction Scope
Runtime instructions and scripts operate on project files only (manifest.json, pages.json, package.json, .vue/.js files). The tool copies project files to a temporary directory and invokes 'skill-seekers' to do deep analysis — that behavior is coherent with project analysis. One privacy-relevant item: deep analysis explicitly extracts manifest fields such as AppID, permissions and third‑party SDKs (e.g., ad SDKs), which can contain sensitive identifiers; while relevant to analysis, this means provider or downstream tooling could see secrets embedded in project files. The SKILL.md does not instruct sending data to external endpoints, but the script can attempt to pip-install an external package (network activity) and will write temporary output to disk.
Install Mechanism
There is no registry-level install spec; the scripts prompt to install 'skill-seekers' via pip if it is missing. That is a normal but moderate-risk pattern: pip will fetch code from the Python package index (network download). The skill does not embed or download arbitrary binaries itself, but automatic installation is attempted when the user consents. If you do not trust 'skill-seekers', you should inspect or install it manually from a known source before running this skill.
Credentials
The skill does not request environment variables, credentials, or config paths in the manifest. That is appropriate for a local code analyzer. Caveat: the analyzer reads project files (and saves copies to temporary directories), so secrets stored in repository files (manifest.json, package.json, config files, or accidentally committed .env-like files) will be included in analysis outputs. The base config does attempt to exclude common secret files (e.g., .env patterns) but the shipped exclude lists contain small oddities (e.g., 'package.json' is listed as an excluded file in some type configs, which conflicts with expected parsing).
Persistence & Privilege
The skill is not marked always:true and does not declare elevated platform privileges. It writes temporary analysis output into an analysis-output directory under the project and creates temp config files; that is expected for a local analyzer. It does not modify other skills or system-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install uniapp-analyzer-script - After installation, invoke the skill by name or use
/uniapp-analyzer-script - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
脚本版分析器,PowerShell 驱动,精确统计离线分析,依赖 skill-seekers
Metadata
Frequently Asked Questions
What is uniapp项目分析器 (脚本版)?
脚本版 (PowerShell) - 精确统计离线分析,依赖 skill-seekers. It is an AI Agent Skill for Claude Code / OpenClaw, with 106 downloads so far.
How do I install uniapp项目分析器 (脚本版)?
Run "/install uniapp-analyzer-script" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is uniapp项目分析器 (脚本版) free?
Yes, uniapp项目分析器 (脚本版) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does uniapp项目分析器 (脚本版) support?
uniapp项目分析器 (脚本版) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created uniapp项目分析器 (脚本版)?
It is built and maintained by include5943 (@include5943); the current version is v1.0.0.
More Skills