← 返回 Skills 市场
401
总下载
0
收藏
2
当前安装
11
版本数
在 OpenClaw 中安装
/install auto-coding-correctversion
功能描述
自主编程系统 - 需求拆解、分析需求、找方法、自我反思、迭代优化,达到交付标准
使用说明 (SKILL.md)
Auto-Coding Skill 🤖
版本: 2.1.1 (深度分析 + 交付检查)
自主编程系统 - 不是简单的代码生成,而是具备需求拆解、深度分析和自我反思能力的智能编程系统。
🆕 v2.1.0 新增:交付标准检查 ✅
在代码交付前进行 8 项严格检查:
- ✅ 语法检查、安全检查、文档完整性
- ✅ 错误处理、基本测试、功能完整性
- ✅ TODO 检查、代码风格
🆕 v2.0.0 新增:深度分析模块 🔍
引入深度分析模块 (deep_analysis.py):
- ✅ 根因分析 (Root Cause Analysis)
- ✅ 模式识别 (Pattern Recognition)
- ✅ 多维度验证 (Multi-dimensional Verification)
🆕 v1.3.0 新增:需求拆解器 🎯
智能判断任务复杂度,动态调整执行流程:
| 任务类型 | 复杂度 | 耗时 |
|---|---|---|
| 简单任务 | 1-3/10 | ~15 秒 |
| 中等任务 | 4-6/10 | ~60 秒 |
| 复杂任务 | 7-10/10 | ~180 秒 |
核心能力
- 需求拆解 - 分析任务复杂度,生成执行计划
- 分析需求 - 识别领域、技能要求、潜在挑战
- 找方法 - 搜索文档、工具、最佳实践
- 实现代码 - 生成可运行的代码
- 测试验证 - 运行测试确保代码工作
- 深度分析 - 根因分析、模式识别 (v2.0+)
- 自我反思 - 识别问题并改进(关键!)
- 交付检查 - 8 项标准严格把关 (v2.1+)
使用方式
通过 nanobot 命令
/auto-coding 创建一个批量重命名文件的脚本
通过 Python API
from worker import AutoCodingWorker, WorkMode
worker = AutoCodingWorker(mode=WorkMode.STANDARD)
result = await worker.run("创建一个批量重命名文件的脚本")
print(f"成功:{result.success}")
print(f"代码:{result.final_code}")
print(f"迭代:{result.iterations}")
工作模式
| 模式 | 说明 | 适用场景 |
|---|---|---|
quick |
快速模式,跳过测试和反思 | 简单脚本、单文件任务 |
standard |
标准模式,完整流程 | 大多数任务 |
deep |
深度模式,多次反思迭代 | 复杂功能、需要优化的代码 |
常见场景
创建脚本:
/auto-coding 创建一个 Python 脚本来处理 CSV 文件
/auto-coding 帮我写一个批量下载图片的脚本
开发应用:
/auto-coding 开发一个 Flask API 服务
/auto-coding 创建一个 React 组件
功能实现:
这个功能怎么实现?我需要给项目添加日志功能
我需要写一个函数来验证邮箱格式
文件结构
auto-coding/
├── SKILL.md # 技能定义(本文件)
├── README.md # 详细文档
├── USAGE.md # 使用指南
├── DECOMPOSER_DESIGN.md # 需求拆解器设计文档
├── decomposer.py # 需求拆解器 (v1.3.0 新增)
├── worker.py # 核心工作流引擎
├── self_reflect.py # 自我反思模块
├── delivery_check.py # 交付标准检查
├── llm_client.py # LLM 调用客户端(复用 nanobot 配置)
├── prompts/ # 提示词模板
└── tests/ # 测试套件
依赖
- Python 3.10+
- dashscope (阿里云通义千问)
- duckduckgo-search (可选,用于搜索)
配置
LLM 配置
复用 nanobot 的 LLM 配置(从 ~/.nanobot/config.json 读取)
工作空间
默认:~/.nanobot/workspace
可以通过参数指定:
worker = AutoCodingWorker(workspace="/path/to/workspace")
交付标准
代码必须通过以下检查才能交付:
- 运行无错误
- 有基本测试
- 有文档说明
- 有错误处理
- 通过安全检查
版本历史
- v1.3.0 - 新增需求拆解器,智能判断复杂度
- v1.2.0 - 新增自我反思模块
- v1.1.0 - 新增交付检查
- v1.0.0 - 初始版本
相关文档
- README.md - 详细文档
- USAGE.md - 使用指南
- DECOMPOSER_DESIGN.md - 需求拆解器设计
安全使用建议
This skill appears to implement a legitimate auto-coding workflow that reuses your Nanobot LLM configuration, but there are several concerning items you should address before installing or running it: 1) Inspect the repository for hard-coded secrets (I found API keys in 9model_test.py). Remove any real keys and rotate them if these are yours. 2) Be aware the skill reads ~/.nanobot/config.json and will reuse any LLM API keys present there — only install if you trust the skill and its author. 3) Confirm the install steps (pip packages) and ensure you install them in an isolated environment (virtualenv/container). 4) Ask the author to fix metadata inconsistencies so required config paths and env vars are declared in the registry entry. 5) Run the skill in a sandboxed account or VM first (or with limited credentials) and audit its network traffic and file writes. If you cannot validate the origin/author or if those embedded keys are unexpected, do not install.
功能分析
Type: OpenClaw Skill
Name: auto-coding-correctversion
Version: 2.1.2
The bundle contains multiple hardcoded, active-looking API keys for DashScope and MiniMax services across several test scripts (e.g., 9model_test.py, robust_9model_test.py, and test_minimax_m27.py). Additionally, llm_client_v2.py implements a high-risk execution pattern where it generates a temporary Python script and executes it via subprocess.run to interface with the Nanobot environment. While these appear to be architectural workarounds and leaked development credentials rather than intentional malware designed to exfiltrate user data, the combination of credential leaks and dynamic code execution poses a significant security risk.
能力标签
能力评估
Purpose & Capability
The name/description (auto-coding, LLM-driven code generation + delivery checks) align with the included source files (worker, decomposer, self_reflect, delivery_check, llm_client). Reusing a host's LLM config (~/.nanobot/config.json) and contacting LLM endpoints is coherent for this purpose. However, the package metadata presented to the registry omitted declared config paths and environment requirements shown inside SKILL.md/code, which is an inconsistency worth noting.
Instruction Scope
SKILL.md and code explicitly read ~/.nanobot/config.json and default workspace paths; llm_client/llm_client_v2 create temporary scripts to read agent configuration. The registry record did not declare required config paths or environment variables. The runtime instructions and code therefore access user config files (which can contain API keys) and will make outbound API calls — this is expected for an LLM-backed skill but must be declared up front. The skill also contains code that can post to external LLM endpoints and may create/modify files in ~/.nanobot/workspace.
Install Mechanism
SKILL.md front matter includes pip install entries for 'dashscope' and optional 'duckduckgo-search', which are sensible for LLM integration and search; the registry summary said 'No install spec', creating a mismatch. There is no download-from-arbitrary-URL installer and the dependency list appears limited to pip packages — lower installation risk, but the metadata inconsistency should be resolved.
Credentials
The package requests no env vars in the registry record, yet code and docs expect to read LLM API credentials from ~/.nanobot/config.json (or env vars like DASHSCOPE_API_KEY in docs). More importantly, I found hard-coded API keys inside source (e.g., 9model_test.py includes API_KEYS with 'bailian' and 'minimax' keys). Hard-coded keys in distributed code are a serious red flag (leaked or test credentials) and are NOT justified by the skill's stated purpose. The skill may access or reuse sensitive credentials from the user's nanobot config — that access should be explicit in the registry metadata and consented to.
Persistence & Privilege
always:false and no unusual global privileges are requested. The skill will read/write under ~/.nanobot/workspace by default (documented) which is reasonable for a coding/worker skill. It does not request to be always-enabled or to modify other skills' configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install auto-coding-correctversion - 安装完成后,直接呼叫该 Skill 的名称或使用
/auto-coding-correctversion触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.2
auto-coding-correctversion 2.1.2
- Removed usage guide and test files (`USAGE.md`, `tests/test_decomposer.py`, `tests/test_worker.py`)
- SKILL.md updated; some version and capability descriptions adjusted
- Updated `delivery_check.py` with changes not detailed here
v2.1.1
auto-coding-correctversion v2.1.1
- Updated documentation in README.md for clarity and completeness.
- Minor metadata or configuration adjustments in clawhub.json.
- No changes to code logic or features.
v2.1.0
auto-coding-correctversion v2.1.0
- Updated clawhub.json file.
- No user-facing features or documentation changes in this release.
v2.0.0
Auto-Coding Skill v2.0.0
- Major refactor and redesign of skill structure, with extensive file reorganization and replacement.
- Adds comprehensive documentation and usage guides: USAGE.md, DECOMPOSER_DESIGN.md, OPTIMIZATION_SUMMARY.md, and more.
- Introduces decomposer.py (需求拆解器), deep_analysis.py, delivery_check.py, and significant new workflow scripts.
- Migrates to a new worker-based architecture and completely replaces old workflow and manager scripts.
- Updates metadata and dependency installation instructions to support nanobot ecosystem.
- Removes legacy files related to the old agent-based implementation.
v1.1.0
Auto-Coding Skill v1.1.0 – 上下文管理增强版
- 增强上下文管理,提升多 Agent 代码开发过程中的信息追踪与流程一致性。
- 新增/调整文档说明,增加 CHANGELOG 和 P0/P1 修复报告文档,聚合常用信息至 README.md。
- 移除原有的完整版说明和安全审计文档,精简文档结构。
- 保持“八步循环流程”开发主流程不变。
v3.1.3
Version 3.1.3
- 增加了“安全说明”章节,详细说明了数据流向和权限边界。
- 明确列出不读取敏感信息、不访问网络、不修改系统文件、不直接执行 shell 命令等限制。
- 强化了数据安全与权限说明,便于用户了解使用范围和风险。
- 其它内容保持不变,仅文档补充,无功能和代码变更。
v3.1.2
**Auto-Coding v3.1.2 Changelog**
- Major refactor: migrated to an 8-step, multi-Agent workflow with new core structure and documentation.
- Added: Comprehensive guides and reference docs (README-FULL.md, DEPLOYMENT.md, SECURITY-AUDIT.md, PACKAGE-MANIFEST.md).
- Added: New workflow modules (auto_coding_workflow.py, agent_soul_loader.py, dependency_manager.py, model_selector.py).
- Removed: Legacy files including old core modules, prompts, tests, and configuration (e.g., agent_controller.py, auto_coding_worker.py, requirements.txt, cross_model_validator.py).
- Simplified and clarified SKILL.md to reflect the new eight-step cycle and updated usage recommendations.
- Multi-Agent flow and modular design replaces previous single-worker, cross-validation infrastructure.
v3.1.1
**auto-coding-correctversion v3.1.1**
- Added CHANGELOG.md file.
v3.1.0
Auto-Coding v3.1.0
- Introduced new core modules: agent_evolution.py, auto_coding_worker.py, cross_model_validator.py, model_validator.py, project_manager.py, self_reflection.py, and task_decomposer.py to enhance multi-agent capabilities and testing.
- Added LICENSE and requirements.txt for proper licensing and dependency management.
- Reorganized testing with tests/test_core_components.py; removed obsolete test_auto_coding.py.
- Improved system structure to support advanced features such as cross-model validation, automatic task decomposition, self-reflection, and enhanced project management.
- Aligned documentation and configuration with new modules and workflow.
v1.2.1
- Clarified that the security allowlist in documentation is a reference implementation, not enforced by the skill itself.
- Added notes explaining actual security enforcement depends on the OpenClaw Gateway runtime.
- No functional or code changes; documentation improvements only.
v1.2.0
Auto-Coding Skill 1.2.0
- Major update to documentation with new SKILL.md, providing a complete project overview, features, architecture, security details, usage, and testing instructions.
- Added clear command usage examples for both English and Chinese.
- Expanded and documented security sandbox with specific allowed and blocked commands.
- Detailed known limitations and environment configuration guidance.
- Enhanced project transparency with authorship, licensing, and detailed module structure.
元数据
常见问题
Auto Coding 是什么?
自主编程系统 - 需求拆解、分析需求、找方法、自我反思、迭代优化,达到交付标准. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 401 次。
如何安装 Auto Coding?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install auto-coding-correctversion」即可一键安装,无需额外配置。
Auto Coding 是免费的吗?
是的,Auto Coding 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Auto Coding 支持哪些平台?
Auto Coding 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Auto Coding?
由 Krislu(@krislu1221)开发并维护,当前版本 v2.1.2。
推荐 Skills