← 返回 Skills 市场
kaiyuelv

Code Quality Guardian

作者 Lv Lancer · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
173
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install code-quality-guardian
功能描述
代码质量检测器 - 检测代码异味、复杂度、安全漏洞、风格规范等 | Code Quality Guardian - Detect code smells, complexity, security vulnerabilities and style issues
使用说明 (SKILL.md)

🛡️ Code Quality Guardian (代码质量守护者)

Metadata

Field Value
Name code-quality-guardian
Display Name 代码质量守护者
Version 1.0.0
Category Development Tools
Author ClawHub
License MIT

Description

A comprehensive code quality analysis tool supporting Python, JavaScript, and Go. It automatically detects code smells, complexity issues, security vulnerabilities, and style violations.

一款全面的代码质量分析工具,支持 Python、JavaScript 和 Go。自动检测代码异味、复杂度问题、安全漏洞和风格违规。

Features

English

  • Multi-language Support: Python, JavaScript/TypeScript, Go
  • Code Smell Detection: Identifies anti-patterns and design issues
  • Complexity Analysis: Cyclomatic and maintainability metrics via Radon
  • Security Scanning: Detect vulnerabilities with Bandit
  • Style Checking: PEP8, ESLint, and Go fmt compliance
  • Comprehensive Reports: JSON, HTML, and console output formats
  • CI/CD Integration: Easy integration with pipelines
  • Configurable Rules: Customizable thresholds and rule sets

中文

  • 多语言支持: Python、JavaScript/TypeScript、Go
  • 代码异味检测: 识别反模式和设计问题
  • 复杂度分析: 通过 Radon 进行圈复杂度和可维护性指标分析
  • 安全扫描: 使用 Bandit 检测安全漏洞
  • 风格检查: 符合 PEP8、ESLint 和 Go fmt 规范
  • 综合报告: JSON、HTML 和控制台输出格式
  • CI/CD 集成: 易于集成到流水线
  • 可配置规则: 可自定义阈值和规则集

Supported Languages

Language Tools Used File Extensions
Python flake8, pylint, bandit, radon, mypy .py
JavaScript/TypeScript eslint, jshint .js, .jsx, .ts, .tsx
Go go vet, golint, staticcheck .go

Usage

Command Line Interface

# Analyze a Python project
code-quality-guardian analyze --path ./my-project --language python

# Analyze with specific tools only
code-quality-guardian analyze --path ./src --tools flake8,bandit

# Generate HTML report
code-quality-guardian analyze --path . --format html --output report.html

# Check specific complexity threshold
code-quality-guardian analyze --path . --max-complexity 10

Python API

from code_quality_guardian import QualityAnalyzer

# Initialize analyzer
analyzer = QualityAnalyzer(
    language='python',
    tools=['flake8', 'pylint', 'bandit'],
    config_path='.quality.yml'
)

# Run analysis
results = analyzer.analyze('./src')

# Generate report
report = results.to_json()
print(f"Issues found: {results.total_issues}")
print(f"Complexity score: {results.complexity_score}")

Configuration File (.quality.yml)

language: python
tools:
  - flake8
  - pylint
  - bandit
  - radon

thresholds:
  max_complexity: 10
  max_line_length: 100
  min_score: 8.0

ignore:
  - "*/tests/*"
  - "*/migrations/*"
  - "*/venv/*"

flake8:
  max_line_length: 100
  ignore: [E501, W503]

pylint:
  disable: [C0103, R0903]

bandit:
  severity: MEDIUM
  confidence: MEDIUM

Installation

# Install from ClawHub
clawhub install code-quality-guardian

# Or install dependencies manually
pip install -r requirements.txt

Requirements

  • Python 3.8+
  • flake8 >= 6.0.0
  • pylint >= 2.17.0
  • bandit >= 1.7.0
  • radon >= 6.0.0
  • mypy >= 1.0.0 (optional)

Report Types

Console Output (Default)

═══════════════════════════════════════════
   Code Quality Guardian v1.0.0
═══════════════════════════════════════════

📁 Project: my-project
🔤 Language: python
📊 Files analyzed: 42

┌─────────────────────────────────────────┐
│ Issues Summary                          │
├─────────────────────────────────────────┤
│ 🔴 Critical    0                        │
│ 🟠 High        2                        │
│ 🟡 Medium      8                        │
│ 🔵 Low         15                       │
│ 💡 Info        23                       │
├─────────────────────────────────────────┤
│ Total: 48                               │
└─────────────────────────────────────────┘

Complexity: 7.2/10 (Good)
Maintainability: A
Security Score: 95%

JSON Output

{
  "summary": {
    "files_analyzed": 42,
    "total_issues": 48,
    "critical": 0,
    "high": 2,
    "medium": 8,
    "low": 15,
    "info": 23
  },
  "metrics": {
    "complexity": 7.2,
    "maintainability": "A",
    "security_score": 95
  },
  "issues": [...]
}

Exit Codes

Code Meaning
0 No issues found
1 Issues found but within thresholds
2 Threshold exceeded
3 Configuration error
4 Tool execution error

Integrations

GitHub Actions

- name: Code Quality Check
  uses: clawhub/code-quality-guardian@v1
  with:
    language: python
    path: ./src
    fail-on: high

Pre-commit Hook

repos:
  - repo: https://github.com/clawhub/code-quality-guardian
    rev: v1.0.0
    hooks:
      - id: quality-guardian
        args: ['--language', 'python']

License

MIT License - see LICENSE file for details.

Contributing

Contributions are welcome! Please read CONTRIBUTING.md for guidelines.

Changelog

v1.0.0

  • Initial release
  • Support for Python, JavaScript, Go
  • Multi-format reporting
  • CI/CD integration support
安全使用建议
This package appears to be a straightforward code-quality tool. Before installing or running it: (1) review the tool-runner modules (e.g., tools/*) if you want to confirm the exact subprocess/network behavior (they typically call linters/scanners via subprocesses); (2) run it in an isolated environment (virtualenv/container) when first using it, since it suggests installing many linting/security tools; (3) be aware it will read the files you point it at and write reports to disk (no evidence of external exfiltration in the provided files); and (4) if you plan to analyze third-party or sensitive code, audit the included code (or run offline) to ensure it meets your policies.
功能分析
Type: OpenClaw Skill Name: code-quality-guardian Version: 1.0.0 The code-quality-guardian bundle is a legitimate static analysis tool designed to wrap common linters like flake8, bandit, and pylint. It uses the subprocess module safely with argument lists to execute external tools, avoiding shell injection risks. No evidence of data exfiltration, malicious persistence, obfuscation, or prompt injection was found across the codebase or documentation (SKILL.md/README.md).
能力评估
Purpose & Capability
Name/description match the included code and examples: the package implements a QualityAnalyzer, CLI, reporters, and tool runners for flake8/pylint/bandit/radon. Optional JS/Go support is documented and marked as requiring Node/Go, so the declared capabilities align with the code.
Instruction Scope
SKILL.md instructs installing dependencies (pip install -r requirements.txt) and running analyses on arbitrary project paths; that is expected for this tool. Note: running the skill will read project files, invoke linters/scanners (which may run subprocesses), and write reports to disk. The instructions do not attempt to read unrelated system config or exfiltrate data to external endpoints.
Install Mechanism
There is no automatic install spec; the README/SKILL.md recommend pip install -r requirements.txt or installing the package locally. Dependencies are standard PyPI packages; no downloads from unknown URLs or archive extraction observed in the manifest.
Credentials
The skill does not require any credentials or privileged environment variables. It optionally reads QUALITY_GUARDIAN_CONFIG and other QUALITY_GUARDIAN_* env vars for configuration, which is reasonable and documented. No secrets or unrelated service tokens are requested.
Persistence & Privilege
The skill is not always-enabled and does not ask for permanent platform-level privileges. It does not modify other skills or global agent configuration. It will write reports/config files locally if you run it (normal behavior).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install code-quality-guardian
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /code-quality-guardian 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Code Quality Guardian. - Supports Python, JavaScript/TypeScript, and Go - Detects code smells, complexity issues, security vulnerabilities, and style violations - Generates comprehensive reports in JSON, HTML, and console formats - Integrates with CI/CD pipelines and pre-commit hooks - Customizable rule sets and thresholds via configuration files
元数据
Slug code-quality-guardian
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Code Quality Guardian 是什么?

代码质量检测器 - 检测代码异味、复杂度、安全漏洞、风格规范等 | Code Quality Guardian - Detect code smells, complexity, security vulnerabilities and style issues. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 173 次。

如何安装 Code Quality Guardian?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install code-quality-guardian」即可一键安装,无需额外配置。

Code Quality Guardian 是免费的吗?

是的,Code Quality Guardian 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Code Quality Guardian 支持哪些平台?

Code Quality Guardian 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Code Quality Guardian?

由 Lv Lancer(@kaiyuelv)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论