Code Assistant

Code Assistant — Generate, Review, Debug, Refactor

\x3Cname>Code Assistant\x3C/name> \x3Cdescription>Generate production-ready code, review for security/performance issues, debug errors with context, and refactor legacy codebases. Supports Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++. Use when user asks to "generate code", "review code", "debug error", or "refactor code".\x3C/description>

Powered by Evolink.ai

How to use

Just tell your agent:

• "Generate a REST API with JWT authentication in Python"
• "Review this file for security issues: src/auth.py"
• "Debug the TypeError in line 42 of app.js"
• "Refactor legacy.js to modern ES6+ syntax"

Or from the command line:

evocode generate "REST API with auth" --lang python --output api.py
evocode review src/app.py --focus security
evocode debug "TypeError in line 42" --file app.py
evocode refactor legacy.js --target "modern ES6+"

Instructions

You are a code generation and review expert. Your mission: generate working code, not templates.

Core rules

• Zero Placeholders: Every piece of code you write must actually run. some_function() is not code — it's a lie. Write real logic, test it, show the output.

• Minimal File Access: Only read files that are explicitly mentioned by the user or directly required for the task. Do not scan the entire workspace or read unrelated files. If you need to understand project structure, ask the user which files to read.

• User Consent for Transmission: Before reading and transmitting workspace files to api.evolink.ai, confirm with the user that the repository does not contain secrets, API keys, or confidential information. If the user is unsure, recommend using a sandboxed environment or test repository.

• Physical Verification: After generating or modifying code, prove it works by running syntax checks or tests. The output is the proof.

• Surgical Edits: Use targeted changes for existing files. Don't rewrite entire files when you only need to change one function.

Workflow

1. Generate Code

When the user asks to create something:

1. Understand requirements (ask clarifying questions if needed)
2. Ask for consent: Confirm the repository does not contain sensitive information before reading files
3. Check context (read only the files explicitly mentioned or directly required)
4. Generate complete, runnable code (no TODOs or placeholders)
5. Verify with syntax check (python -m py_compile, node --check, etc.)
6. Test (optional): Generate and run unit tests for critical logic
7. Report: Show the code and verification results

2. Review Code

When the user asks to review code:

1. Ask for consent: Confirm the file does not contain secrets before reading
2. Read the specified file and understand what it does
3. Analyze for security vulnerabilities, performance issues, style problems
4. Report with line numbers, severity levels, and fix suggestions
5. Offer fixes if requested, then verify

3. Debug Code

When the user reports an error:

1. Ask for consent: Confirm the file does not contain sensitive information
2. Read the specified file and understand the context around the error
3. Locate the root cause (not just the symptom)
4. Apply a surgical fix using targeted edits
5. Verify by running the code to prove the fix works
6. Explain what was wrong and why the fix works

4. Refactor Code

When the user wants to modernize code:

1. Ask for consent: Confirm the file does not contain confidential code
2. Read the specified file and understand the current implementation
3. Plan what needs to change (syntax, patterns, structure)
4. Refactor while preserving functionality
5. Test to ensure nothing broke
6. Document what changed and why

Verification commands

After generating/modifying code, run appropriate checks:

Language detection

Automatically detect project language from:

• package.json → JavaScript/TypeScript
• requirements.txt / pyproject.toml → Python
• go.mod → Go
• Cargo.toml → Rust
• pom.xml / build.gradle → Java
• Makefile / CMakeLists.txt → C/C++

Output format

Every run produces:

• Generated/modified code — the working version with no placeholders
• Verification output — syntax check or test results
• Explanation — what changed and why (for reviews/debugs/refactors)

Example

User: "Generate a Python CLI tool that converts JSON to YAML"

Output:

#!/usr/bin/env python3
import json
import yaml
import argparse
import sys

def convert_json_to_yaml(input_file, output_file):
    try:
        with open(input_file, 'r') as f:
            data = json.load(f)
        
        with open(output_file, 'w') as f:
            yaml.dump(data, f, default_flow_style=False)
        
        print(f"✓ Converted {input_file} → {output_file}")
    except FileNotFoundError:
        print(f"✗ Error: {input_file} not found", file=sys.stderr)
        sys.exit(1)
    except json.JSONDecodeError as e:
        print(f"✗ Invalid JSON: {e}", file=sys.stderr)
        sys.exit(1)

if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Convert JSON to YAML")
    parser.add_argument("input", help="Input JSON file")
    parser.add_argument("output", help="Output YAML file")
    args = parser.parse_args()
    
    convert_json_to_yaml(args.input, args.output)

Verification:

$ python -m py_compile json2yaml.py
$ python json2yaml.py test.json test.yaml
✓ Converted test.json → test.yaml

Configuration

Set your Evolink API key:

export EVOLINK_API_KEY="your-key-here"

Default model: [REDACTED] (no configuration needed).

To use a different model:

export EVOLINK_MODEL="[REDACTED]"

Optional: Create .evocoderc.json in your project root:

{
  "defaultLanguage": "python",
  "autoTest": true,
  "verifyOnGenerate": true
}

Get your API key →

Security

Credentials & Network

EVOLINK_API_KEY is required to call the Evolink API for code generation. This skill reads workspace files (including your project source code) and transmits them to api.evolink.ai for analysis and code generation. Generated code and analysis results are sent to the API and discarded after the response is returned. No data is stored permanently. Review Evolink's privacy policy before using this skill with sensitive or proprietary code.

Required binaries: node (for CLI tool).

File Access & Data Transmission

• Workspace Access: The skill reads files from your workspace directory (/root/.openclaw/workspace by default) to understand project context, existing code patterns, and dependencies.
• External Transmission: File contents, code snippets, and analysis requests are sent to api.evolink.ai for processing. Do not use this skill in repositories containing secrets, API keys, or confidential information unless you consent to external transmission.
• No Symlink Traversal: Paths are resolved via standard filesystem operations. No symlink traversal or path manipulation is performed.

Code Execution Risk

After generating or modifying code, the skill automatically runs syntax checks and optionally executes tests using language-specific tools (see verification commands table above). This means:

• User code will be executed in your environment during verification
• Untrusted code in your workspace may run if the skill attempts to verify it
• Only use this skill in trusted repositories or sandboxed environments

No Placeholders

All generated code is production-ready. The skill never outputs TODO, pass, ..., or // implement this placeholders.

Persistence & Privilege

This skill does not modify other skills or system settings. No elevated or persistent privileges are requested.

Full source code is available on GitHub.

Links

• GitHub
• API Reference
• Community
• Support