← Back to Skills Marketplace

Code Assistant

Name: Code Assistant
Author: evolinkai

by EvolinkAI · GitHub ↗ · v1.0.6 · MIT-0

cross-platform ⚠ suspicious

127

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install verified-code

Description

Generate, review, debug, and refactor production-ready Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++ code with verified syntax and tests.

Usage Guidance

This skill will read user-specified workspace files, run syntax checks/tests locally (i.e., execute your code), and—if you consent—transmit workspace files to api.evolink.ai using an EVOLINK_API_KEY. The platform metadata shown to you omitted those required env vars and the CLI/binary dependency, which is inconsistent with the README/_meta.json. Before installing or running it: - Treat it as a cloud-backed service that will send code externally. Do NOT use it on repositories containing secrets, proprietary code, or confidential data. - Verify the vendor (Evolink.ai) and their published repository and privacy/security documentation (links are present in README). Confirm the actual endpoint(s) and what data is transmitted. - Prefer testing in a sandbox or a non-sensitive sample repo first. - Ask the skill author to fix the metadata inconsistency so required env vars (EVOLINK_API_KEY, EVOLINK_MODEL) and required binaries (node, any test tools) are declared on the platform. - If you cannot confirm the implementation/source code of the CLI/service, avoid granting an API key or running it against sensitive codebases.

Capability Analysis

Type: OpenClaw Skill Name: verified-code Version: 1.0.6 The 'verified-code' skill is a code assistant that integrates with the Evolink.ai API to generate, review, and debug code. It involves high-risk behaviors such as transmitting workspace files to an external endpoint (api.evolink.ai) and executing local code for syntax verification and testing; however, these are core features of the stated service and are clearly documented. The SKILL.md instructions explicitly direct the AI agent to obtain user consent before transmitting data and to limit file access to only what is necessary, demonstrating a focus on security and transparency.

Capability Assessment

⚠ Purpose & Capability

The skill's functionality (generate/verify/run code) matches its name and description. However the registry metadata presented to the platform declares no required environment variables or binaries while the shipped README/_meta.json/docs explicitly require EVOLINK_API_KEY, EVOLINK_MODEL and list 'node' as a binary. That mismatch is concerning because the skill will rely on external API credentials and a CLI that are not declared in the platform metadata.

⚠ Instruction Scope

SKILL.md explicitly instructs the agent to read user-specified workspace files and transmit workspace code to api.evolink.ai after asking consent, and to run local verification (syntax checks/tests). Asking for consent is good practice, but the skill's core behavior includes sending repository files externally and executing user code — both sensitive operations. There are also internal contradictions: 'Minimal File Access' vs README statements like 'Reads your project structure' which imply broader workspace scanning unless strictly constrained by user input.

ℹ Install Mechanism

This is instruction-only (no install spec), which reduces automatic install risk. But the package.json/package-lock in the file manifest advertise a CLI ('evocode') and Node dependency while no install instructions are provided to the platform. That mismatch may confuse users and suggests the skill expects external tooling that the platform will not automatically supply.

⚠ Credentials

The skill will require an EVOLINK_API_KEY and (optionally) EVOLINK_MODEL to operate against an external API, and it declares network and shell access in its _meta.json. Those credentials are proportionate to a cloud-based code-generation service, but the platform registry fields shown to the installer list no required env vars — an important omission that hides the need to provide a secret API key and increases the chance a user will inadvertently transmit private code without realizing it.

ℹ Persistence & Privilege

always is false (no forced persistence), and the skill does not request platform-wide configuration changes. It does require the ability to execute shell commands and run tests (i.e., execute user code), which is expected for a code-verification skill but increases risk if used on untrusted repositories. The SKILL.md requires user consent before transmission which mitigates some risk, but autonomous agent invocation combined with network access and an external API key would increase blast radius if the agent disregards consent prompts.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install verified-code
After installation, invoke the skill by name or use /verified-code
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.6

Version 1.0.6 - Added explicit user consent and minimal file access requirements before reading or transmitting workspace files. - Updated workflow and security instructions to reflect new privacy safeguards. - Skill now asks users to confirm absence of secrets/confidential info before analyzing files. - Improved documentation to clarify that only specified files or user-approved files are accessed. - Enhanced guidance for use in trusted or sandboxed environments.

v1.0.5

- Documentation updated: no functional changes, but SKILL.md received minor wording or formatting edits. - No changes to code or behavior in this release.

v1.0.4

- Documentation or metadata updated; no user-facing logic or feature changes. - No impact on skill usage or results.

v1.0.3

- Documentation updated only; no changes to code or functionality. - SKILL.md markdown formatting, instructions, and example content remain unchanged in substance. - No impact on usage, configuration, or compatibility.

v1.0.2

- Expanded security section in documentation to highlight that workspace files (including user code) are sent to api.evolink.ai for processing. - Added warnings about transmitting confidential information and executing untrusted code during verification. - Clarified file access behavior and the importance of using the skill only with trusted repositories or in sandboxed environments. - No changes to functionality; documentation updates only.

v1.0.1

- Updated metadata and documentation files. - No changes to skill logic or functionality.

v1.0.0

Code Assistant 1.0.0 — Initial Release - Generate, review, debug, and refactor code in Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++. - Produces fully working, no-placeholder code with automatic syntax verification and optional testing. - Performs context-aware file analysis before edits; supports targeted, minimal changes. - Detects project language and runs appropriate verification commands. - Includes robust security and workspace file access controls. - Detailed instructions, workflow, and sample CLI usage provided.

Metadata

Slug verified-code

Version 1.0.6

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 7

Frequently Asked Questions

What is Code Assistant?

Generate, review, debug, and refactor production-ready Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++ code with verified syntax and tests. It is an AI Agent Skill for Claude Code / OpenClaw, with 127 downloads so far.

How do I install Code Assistant?

Run "/install verified-code" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Code Assistant free?

Yes, Code Assistant is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Code Assistant support?

Code Assistant is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Code Assistant?

It is built and maintained by EvolinkAI (@evolinkai); the current version is v1.0.6.

More Skills