← Back to Skills Marketplace
50
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install safe-change
Description
Map blast radius before shipping — run when editing a service, controller, hook, or shared utility to surface all importers, affected API routes, test gaps,...
Usage Guidance
This skill appears to do what it says: read-only impact analysis plus an optional verify gate. Before installing/run it, ensure the agent is allowed to run shell commands in a safe environment (tests and npm scripts can execute arbitrary repository code and may have side effects). Review your project's test/build scripts for destructive actions or external network calls if you plan to run the verify gate via an agent. Also remember the scanner is regex-based and can undercount importers (barrels, dynamic imports, path aliases) — treat Low scores conservatively and manually inspect barrels/dynamic imports in high-risk areas.
Capability Analysis
Type: OpenClaw Skill
Name: safe-change
Version: 1.0.1
The 'safe-change' skill is a utility designed to perform static impact analysis on TypeScript projects (NestJS/Next.js) before code changes are applied. The bundle consists of a Node.js script (scan-impact.mjs) that uses regex to identify importers, API routes, and environment variables, and a shell script (verify-gate.sh) that runs standard build and test commands. The instructions in SKILL.md and usage.md explicitly mandate a user checkpoint before any changes are made, and the scripts are primarily read-only or restricted to standard development workflows without evidence of data exfiltration, unauthorized execution, or malicious intent.
Capability Tags
Capability Assessment
Purpose & Capability
The SKILL.md, README, and the included scripts implement an impact scanner and a verify gate. The scanner only reads project files (package.json and .ts/.tsx files) to build importers, routes, env var references, and recent migrations. The verify gate runs tsc/lint/test/build if present. All requested capabilities align with 'map blast radius' and 'verify build integrity'.
Instruction Scope
Instructions confine the agent to running the included scanner and verify script and to pausing for an explicit checkpoint. The scanner performs project-wide read-only file traversal and regex analysis (expected). The verify gate executes project commands (npm scripts, tsc) which may run arbitrary repo code (tests/build scripts can have side effects) — this is expected for a verify gate but worth noting as an operational risk.
Install Mechanism
No install spec; the skill is instruction + scripts included in the bundle. No external downloads or package installs are performed by the skill itself (scan-impact.mjs intentionally uses only Node stdlib).
Credentials
The skill declares no required environment variables or credentials. The scanner only locates process.env.* references in source files (it does not read those environment values). No unrelated secrets or external service credentials are requested.
Persistence & Privilege
The skill is not forced-always, does not modify other skills or global agent configuration, and contains no code that persistently enables itself. The verify gate runs local build/test commands but does not change other skills or system-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install safe-change - After installation, invoke the skill by name or use
/safe-change - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added new banner asset: assets/banner.svg.
- Updated "When to Use" guidance in SKILL.md to clarify that most production incidents start as changes that felt small.
v1.0.0
Initial release of Safe Change — a skill to proactively map the blast radius of code changes and enforce a safer deploy process.
- Scans target files to surface importers, affected API routes, test gaps, ENV vars, and recent DB migrations.
- Assigns a risk score (Low/Medium/High) based on impact heuristics.
- Generates a detailed Markdown report for user review before proceeding.
- Includes a mandatory checkpoint requiring explicit user confirmation to continue.
- Provides a verify gate script to run type-check, lint, test, and build steps post-change.
- Designed to work with TypeScript, NestJS, Next.js; zero-dependency static analysis via regex.
Metadata
Frequently Asked Questions
What is Safe change?
Map blast radius before shipping — run when editing a service, controller, hook, or shared utility to surface all importers, affected API routes, test gaps,... It is an AI Agent Skill for Claude Code / OpenClaw, with 50 downloads so far.
How do I install Safe change?
Run "/install safe-change" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Safe change free?
Yes, Safe change is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Safe change support?
Safe change is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Safe change?
It is built and maintained by brasco05 (@brasco05); the current version is v1.0.1.
More Skills