
cachelint

by suhteevah · GitHub ↗ · v1.0.1 · MIT-0
darwin · linux · win32 ✓ Security Clean
84 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install cachelint
Description
Caching anti-pattern analyzer -- detects Redis/Memcached misuse, TTL problems, cache invalidation failures, stampedes, architecture issues, and security hygi...
README (SKILL.md)

# CacheLint -- Caching Anti-Pattern Analyzer

CacheLint scans codebases for application-level caching anti-patterns: Redis/Memcached misuse, missing cache invalidation after writes, TTL problems, cache stampede risks, architecture issues, and security hygiene gaps. It uses regex-based pattern matching against 90 caching-specific patterns across 6 categories, lefthook for git hook integration, and produces markdown reports with actionable remediation guidance. 100% local. Zero telemetry.

Note: CacheLint focuses on application-level caching (Redis calls, Memcached operations, local cache usage, invalidation logic, TTL management). It does NOT analyze HTTP cache headers.

## Commands

### Free Tier (No license required)

#### `cachelint scan [file|directory]`
One-shot caching quality scan of files or directories.

**How to execute:**
```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target]
```

**What it does:**
1. Accepts a file path or directory (defaults to current directory)
2. Discovers all source files (skips .git, node_modules, binaries, images, .min.js)
3. Runs 30 caching patterns against each file (free tier limit)
4. Calculates a caching quality score (0-100) per file and overall
5. Grades: A (90-100), B (80-89), C (70-79), D (60-69), F (<60)
6. Outputs findings with: file, line number, check ID, severity, description, recommendation
7. Exit code 0 if score >= 70, exit code 1 if caching quality is poor
8. Free tier limited to first 30 patterns (CI + TE categories)

**Example usage scenarios:**
- "Scan my code for caching issues" -> runs `cachelint scan .`
- "Check this file for cache anti-patterns" -> runs `cachelint scan src/cache-service.ts`
- "Find missing cache invalidation" -> runs `cachelint scan src/`
- "Audit cache TTL settings" -> runs `cachelint scan .`
- "Check for Redis misuse" -> runs `cachelint scan .`

### Pro Tier ($19/user/month -- requires CACHELINT_LICENSE_KEY)

#### `cachelint scan --tier pro [file|directory]`
Extended scan with 60 patterns covering invalidation, TTL, stampede, and Redis misuse.

**How to execute:**
```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target] --tier pro
```

**What it does:**
1. Validates Pro+ license
2. Runs 60 caching patterns (CI, TE, CS, RM categories)
3. Detects cache stampede risks and Redis anti-patterns
4. Identifies KEYS * usage, missing pipelines, unbounded lists
5. Full category breakdown reporting

#### `cachelint scan --format json [directory]`
Generate JSON output for CI/CD integration.

```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [directory] --format json
```

#### `cachelint scan --format html [directory]`
Generate HTML report for browser viewing.

```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [directory] --format html
```

#### `cachelint scan --category CS [directory]`
Filter scan to a specific check category (CI, TE, CS, RM, CA, SH).

```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [directory] --category CS
```

### Team Tier ($39/user/month -- requires CACHELINT_LICENSE_KEY with team tier)

#### `cachelint scan --tier team [directory]`
Full scan with all 90 patterns across all 6 categories including architecture and security.

**How to execute:**
```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [directory] --tier team
```

**What it does:**
1. Validates Team+ license
2. Runs all 90 patterns across 6 categories
3. Includes cache architecture checks (N+1 gets, mixed strategies, no abstraction)
4. Includes security & hygiene (PII in keys, missing TLS, no encryption)
5. Full category breakdown with per-file results

#### `cachelint scan --verbose [directory]`
Verbose output showing every matched line and pattern details.

```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [directory] --verbose
```

#### `cachelint status`
Show license and configuration information.

```bash
bash "<SKILL_DIR>/scripts/dispatcher.sh" status
```

## Check Categories

CacheLint detects 90 caching anti-patterns across 6 categories:

| Category | Code | Patterns | Description | Severity Range |
|----------|------|----------|-------------|----------------|
| **Cache Invalidation** | CI | 15 | Missing invalidation after writes, stale data, wrong write ordering | medium -- critical |
| **TTL & Expiry** | TE | 15 | Missing TTL, infinite cache, no jitter, hardcoded magic numbers | low -- high |
| **Cache Stampede** | CS | 15 | No lock on miss, thundering herd, missing singleflight, no stale-while-revalidate | low -- critical |
| **Redis/Store Misuse** | RM | 15 | KEYS *, FLUSHALL, no pipeline, missing pooling, synchronous calls | low -- critical |
| **Cache Architecture** | CA | 15 | N+1 gets, no abstraction, mixed strategies, no error fallback | low -- high |
| **Security & Hygiene** | SH | 15 | PII in keys, no TLS, missing encryption, no monitoring, key injection | low -- critical |

## Tier-Based Pattern Access

| Tier | Patterns | Categories |
|------|----------|------------|
| **Free** | 30 | CI, TE |
| **Pro** | 60 | CI, TE, CS, RM |
| **Team** | 90 | CI, TE, CS, RM, CA, SH |
| **Enterprise** | 90 | CI, TE, CS, RM, CA, SH + priority support |

## Scoring

CacheLint uses a deductive scoring system starting at 100 (perfect):

| Severity | Point Deduction | Description |
|----------|-----------------|-------------|
| **Critical** | -25 per finding | Severe risk (stampede, KEYS *, FLUSHALL, wrong write order) |
| **High** | -15 per finding | Significant problem (missing invalidation, no TTL, N+1 gets) |
| **Medium** | -8 per finding | Moderate concern (no jitter, missing pooling, mixed strategies) |
| **Low** | -3 per finding | Informational / best practice suggestion |

### Grading Scale

| Grade | Score Range | Meaning |
|-------|-------------|---------|
| **A** | 90-100 | Excellent caching quality |
| **B** | 80-89 | Good caching with minor issues |
| **C** | 70-79 | Acceptable but needs improvement |
| **D** | 60-69 | Poor caching quality |
| **F** | Below 60 | Critical caching problems |

- **Pass threshold:** 70 (Grade C or better)
- Exit code 0 = pass (score >= 70)
- Exit code 1 = fail (score < 70)
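
The regex-matching and scoring flow described above, as an added example that is not CacheLint's own code. The check IDs and regexes are hypothetical stand-ins for the shipped patterns, the sample file is constructed, and flooring the score at 0 is an assumption that keeps it inside the documented 0-100 range.

```shell
#!/usr/bin/env bash
# Added example. Check IDs and regexes are hypothetical, not CacheLint's shipped patterns.

checks() {   # id|severity|description|extended regex (regex last: it may contain '|')
  cat <<'EOF'
RM-X1|critical|KEYS * walks the whole keyspace|\.keys\(["']\*["']\)
RM-X2|critical|FLUSHALL wipes every database|\.flushall\(
TE-X1|high|SET with no TTL argument|\.set\([^,]+,[^,]+\);?[[:space:]]*$
SH-X1|high|PII used as a cache key prefix|\.(get|set)\(["'](email|ssn):
EOF
}

make_sample() {   # constructed input, not taken from any real project
  cat > "$1" <<'EOF'
const user = await redis.get("user:" + id);
await redis.set("user:" + id, JSON.stringify(user));
const all = await redis.keys("*");
await redis.set("email:" + addr, profile, "EX", 600);
EOF
}

scan_file() {   # one finding per line: severity<TAB>id<TAB>file:line<TAB>description
  checks | while IFS='|' read -r id sev desc re; do
    grep -nE -- "$re" "$1" | while IFS=: read -r line _rest; do
      printf '%s\t%s\t%s:%s\t%s\n' "$sev" "$id" "$1" "$line" "$desc"
    done
  done
}

score_findings() {   # README deductions; floor at 0 keeps the documented 0-100 range
  awk -F'\t' 'BEGIN { d["critical"]=25; d["high"]=15; d["medium"]=8; d["low"]=3; s=100 }
              { s -= d[$1] }
              END { if (s < 0) s = 0; print s }'
}

grade() {
  if   [ "$1" -ge 90 ]; then echo A
  elif [ "$1" -ge 80 ]; then echo B
  elif [ "$1" -ge 70 ]; then echo C
  elif [ "$1" -ge 60 ]; then echo D
  else echo F; fi
}

run_scan() {   # prints "<score> <grade>"; returns 0 on pass (>= 70), 1 on fail
  score=$(scan_file "$1" | score_findings)
  echo "$score $(grade "$score")"
  [ "$score" -ge 70 ]
}

sample=$(mktemp) && make_sample "$sample"
scan_file "$sample"
run_scan "$sample" || echo "below the pass threshold of 70"
rm -f "$sample"
```

One critical and two high findings take the constructed file from 100 to 45, so a single unbounded `KEYS *` call plus two hygiene gaps is enough to fail a CI gate set at 70.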

## Configuration

Users can configure CacheLint in `~/.openclaw/openclaw.json`:

```json
{
  "skills": {
    "entries": {
      "cachelint": {
        "enabled": true,
        "apiKey": "YOUR_LICENSE_KEY_HERE",
        "config": {
          "severityThreshold": "medium",
          "ignorePatterns": ["**/test/**", "**/fixtures/**", "**/*.test.*"],
          "ignoreChecks": [],
          "reportFormat": "text"
        }
      }
    }
  }
}
```

## Important Notes

- **Free tier** works immediately with no configuration
- **All scanning happens locally** -- no code is sent to external servers
- **License validation is offline** -- no phone-home or network calls
- Pattern matching only -- no AST parsing, no external dependencies beyond bash
- Supports scanning all file types in a single pass
- Git hooks use **lefthook** which must be installed (see install metadata above)
- Exit codes: 0 = pass (score >= 70), 1 = fail (for CI/CD integration)
- Output formats: text (default), json, html

## Error Handling

- If lefthook is not installed and user tries hooks, prompt to install it
- If license key is invalid or expired, show clear message with link to https://cachelint.pages.dev/renew
- If a file is binary, skip it automatically with no warning
- If no scannable files found in target, report clean scan with info message
- If an invalid category is specified with --category, show available categories

## When to Use CacheLint

The user might say things like:
- "Scan my code for caching issues"
- "Check my cache invalidation logic"
- "Find missing TTL on cache entries"
- "Detect cache stampede risks"
- "Are there any Redis anti-patterns?"
- "Check for KEYS * usage in production code"
- "Audit my caching architecture"
- "Find security issues in cache usage"
- "Check for PII in cache keys"
- "Scan for missing cache invalidation"
- "Run a caching quality audit"
- "Generate a cache health report"
- "Check if my Redis calls use pipelines"
- "Find N+1 cache get patterns"
- "Check my code for cache stampede vulnerabilities"

Usage Guidance
What to consider before installing:

- Function: CacheLint appears to be a local, regex-based caching anti-pattern scanner — the scripts run locally and there are no network calls in the provided code.
- License/key: Pro/Team features require a CACHELINT_LICENSE_KEY. The tool will also try to read ~/.openclaw/openclaw.json for a stored key; if you keep secrets in that file, the skill will read them to find the license. If you do NOT want the tool to access that file, avoid setting the license or remove the entry.
- Optional secret: The license verifier optionally looks for CLAWHUB_JWT_SECRET (not declared in metadata) to verify JWT signatures if you set it; you don't need to set this for normal use.
- Git hooks: Installing hooks will write/modify lefthook.yml in your repo and run lefthook install so the scanner runs on commit/push; consider whether you want automatic scans blocking commits and verify the hooked commands source the skill from a path you control (CACHELINT_SKILL_DIR defaults to $HOME/.openclaw/skills/cachelint).
- lefthook install: The install spec only requests installing lefthook via Homebrew. If you prefer more control, install lefthook separately and run the skill's hooks install command yourself.
- Audit before use: Because the scanner sources scripts into hook execution, review the shipped scripts (patterns.sh, analyzer.sh, dispatcher.sh, license.sh) in-place (they are included in this package) to be comfortable with what will run on commit/push.

Overall recommendation: behavior is consistent with the claimed purpose. If you accept local reading of ~/.openclaw/openclaw.json and automatic git hooks, the skill is coherent; otherwise restrict license placement and skip hook installation.
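
One way to act on the git-hook and audit points above before installing hooks, as an added example that is not part of the skill or of this report: it checks the directory the hooks will source from and records a hash baseline once the scripts have been reviewed. The script names and default path are the ones listed above; the ownership, permission and symlink policy is an assumption.

```shell
#!/usr/bin/env bash
# Added example. Script names and the default path come from the page; the policy
# (your files, not group/world-writable, no symlinks, unchanged since review) is assumed.

SCRIPTS="patterns.sh analyzer.sh dispatcher.sh license.sh"

audit_skill_dir() {   # prints one problem per line; returns 1 if any were found
  dir=${1:-${CACHELINT_SKILL_DIR:-$HOME/.openclaw/skills/cachelint}}
  problems=$(
    [ -d "$dir" ] || { echo "missing directory: $dir"; exit 0; }
    for s in $SCRIPTS; do
      [ -n "$(find "$dir" -type f -name "$s")" ] || echo "missing script: $s"
    done
    # Anything another account can rewrite would run inside your commits and pushes.
    find "$dir" ! -type l \( -perm -002 -o -perm -020 \) -exec echo "group/world-writable:" {} \;
    find "$dir" ! -user "$(id -u)" -exec echo "not owned by you:" {} \;
    find "$dir" -type l -exec echo "symlink, target not audited:" {} \;
  )
  [ -z "$problems" ] && return 0
  printf '%s\n' "$problems"
  return 1
}

baseline() {   # sha256 of every file under the skill dir, in a stable order
  if command -v sha256sum >/dev/null 2>&1; then h="sha256sum"; else h="shasum -a 256"; fi
  ( cd "$1" && find . -type f -exec $h {} + | LC_ALL=C sort -k2 )
}

unchanged_since() {   # $1 = skill dir, $2 = baseline file saved after your review
  baseline "$1" | diff - "$2" >/dev/null
}

# Audit the default location; on a machine without the skill this reports a missing directory.
audit_skill_dir || echo "resolve the problems above before installing hooks"
```

Save `baseline "$dir"` to a file outside the skill directory after reading the scripts, and run `unchanged_since` before re-enabling hooks following any skill update.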
Capability Analysis
Type: OpenClaw Skill
Name: cachelint
Version: 1.0.1

CacheLint is a static analysis tool designed to detect caching anti-patterns in codebases. The skill operates entirely locally, using bash and regex-based scanning (patterns.sh) to identify issues like Redis misuse, TTL problems, and cache stampede risks. The license validation logic (license.sh) is performed offline by decoding JWT tokens locally, and the git hook integration (lefthook.yml) is a standard development workflow feature. No evidence of data exfiltration, unauthorized network calls, or malicious execution was found.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name/description match the shipped scripts and patterns: the bundle contains a regex-based scanner (patterns.sh), dispatcher/analyzer to run scans, and lefthook integration for git hooks. Declared requirements (git, bash, python3, jq) are reasonable for file discovery, parsing JSON, and hook installation. The brew install of lefthook aligns with the provided lefthook.yml and hooks-install logic.
Instruction Scope
Runtime instructions and scripts operate locally: they discover files, run grep-based pattern matching, compute scores, and produce text/json/html reports. The skill reads ~/.openclaw/openclaw.json (declared in metadata) to retrieve a license key and can source its own scripts during git hooks. This is expected, but the hook mechanism will source pattern/analyzer code during commits/pushes, so installing hooks gives the skill a persistent action on repo operations.
Install Mechanism
Install spec only requests installing lefthook via Homebrew (a known tool) rather than fetching arbitrary archives or running remote installers. The skill's own files are provided in the package (no external code download at runtime). The lefthook install step will write to the repository's lefthook.yml and run lefthook install — expected for git hook integration.
Credentials
Primary credential CACHELINT_LICENSE_KEY is declared and used only for unlocking paid tiers — proportional to the product. The license module reads ~/.openclaw/openclaw.json to find a key (declared in metadata). One additional env var (CLAWHUB_JWT_SECRET) appears in the license module as an optional HMAC verification secret but is not declared in the skill metadata; it's optional and only used to verify JWT signatures if set.
Persistence & Privilege
always:false and model invocation is allowed (default). The notable persistence is git-hook integration: installing hooks writes/edits lefthook.yml in repositories and runs lefthook install so the scanner can run automatically on pre-commit/pre-push. This is expected for tools that guard commits, but users should be aware hooks will execute the skill's code during normal git operations.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cachelint
  3. After installation, invoke the skill by name or use /cachelint
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fix: declare all deps, JWT verification, configPaths
Metadata
Slug cachelint
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is cachelint?

Caching anti-pattern analyzer -- detects Redis/Memcached misuse, TTL problems, cache invalidation failures, stampedes, architecture issues, and security hygi... It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.

How do I install cachelint?

Run "/install cachelint" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is cachelint free?

Yes, cachelint is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does cachelint support?

cachelint is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created cachelint?

It is built and maintained by suhteevah (@suhteevah); the current version is v1.0.1.
