← Back to Skills Marketplace
ink5725

codebase-auditor

by InkLin · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
40
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install codebase-auditor
Description
扫描项目目录,生成关键配置文件的 JSON 清单,供备份工具使用。用于部署或迁移前确保重要文件不丢失。
README (SKILL.md)

代码库审计器

用途

扫描项目目录树,生成一份结构化 JSON 清单,列出所有关键配置和环境文件。该清单用于确保项目的设置、凭据和环境配置在部署或基础设施变更前得到妥善备份。

输入

  • 一个项目目录路径

输出

  • 一份 JSON 文件,列出所有发现的配置文件,包含路径、类型和重要级别

扫描规则

  1. 环境文件:识别所有 .env.env.**.env 文件——这些文件包含应用程序运行所需的运行时配置和凭据。
  2. 配置文件:定位 config.json*.config.js*.config.tsapplication.yml 及类似的结构化配置文件。
  3. 凭据文件:检测 credentials.json*.pem*.keyservice-account.json 及其他可能包含认证材料的文件。
  4. CI/CD 配置:包含 .github/workflows/*.yml.gitlab-ci.ymlDockerfiledocker-compose.yml——这些文件定义了部署流水线的配置。
  5. 数据库配置:查找 database.ymlknexfile.jsprisma/schema.prisma 等数据库连接配置文件。

重要说明

此技能仅执行文件发现,不修改、不读取文件内容、不传输文件。它生成一份清单,供下游技能(如备份优化器)用于制定备份策略。

Usage Guidance
Install only if you intend to use ClawHub maintainer/developer workflows. Before running moderation, PR publishing, remote validation, or autoreview commands, confirm the target repo/account and whether your current credentials point at production; use the documented opt-outs for full-access review mode when you do not need it.
Capability Assessment
Purpose & Capability
The artifacts cover ClawHub UI proofing, PR review, moderation, Convex setup/migration/performance work, and remote validation. Staff actions like banning users, changing roles, publishing proof artifacts, and running broad review helpers are high-impact but clearly tied to the stated maintainer purposes.
Instruction Scope
The instructions are scoped to explicit workflows. The moderation skill requires a target, reason, confirmation unless already authorized, and verification after writes; the review and PR workflows describe when to use each command and their limits.
Install Mechanism
The inspected skill files are Markdown instructions, small YAML interface metadata, SVG icons, reference docs, and one local autoreview helper script. I found no install hook, autostart behavior, or hidden setup mechanism in the skill artifacts.
Credentials
The skills rely on repo-local tools, GitHub CLI, ClawHub/Convex credentials, remote validation infrastructure, and external reviewer CLIs. That access is proportionate for ClawHub maintainer work, but users should understand those tools may affect real services when invoked.
Persistence & Privilege
No background persistence was found. The artifacts do use existing authenticated sessions or tokens for GitHub, ClawHub moderation, Convex, and review tooling, and the autoreview helper defaults nested Codex review to full-access mode while disclosing the opt-out.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install codebase-auditor
  3. After installation, invoke the skill by name or use /codebase-auditor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of codebase-auditor: - Scans a project directory and generates a structured JSON inventory of key configuration and credential files. - Identifies environment, configuration, credentials, CI/CD, and database config files based on naming patterns. - Output JSON includes file path, type, and importance level for each discovered file. - Designed to help ensure critical settings and credentials are captured for backup before deployment or migration. - Only discovers files; does not read, modify, or transfer file contents.
Metadata
Slug codebase-auditor
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is codebase-auditor?

扫描项目目录,生成关键配置文件的 JSON 清单,供备份工具使用。用于部署或迁移前确保重要文件不丢失。 It is an AI Agent Skill for Claude Code / OpenClaw, with 40 downloads so far.

How do I install codebase-auditor?

Run "/install codebase-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is codebase-auditor free?

Yes, codebase-auditor is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does codebase-auditor support?

codebase-auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created codebase-auditor?

It is built and maintained by InkLin (@ink5725); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments