← 返回 Skills 市场
ryx2

Code Reputation

作者 ryx2 · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
826
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install code-reputation
功能描述
Semantic code caching for AI agents. Cache, retrieve, and reuse code from prior agent executions.
使用说明 (SKILL.md)

Code Cache - Semantic Code Caching for AI Agents

This skill enables semantic code caching via the Raysurfer API.

What It Does

When your agent generates and executes code, Code Cache stores it. When a similar task comes up later, the agent can retrieve and run the cached code instead of regenerating it—saving time and tokens.

Setup

Get your API key from the Raysurfer dashboard and configure it:

# Via environment variable
export RAYSURFER_API_KEY=your_api_key_here

# Or via OpenClaw config
openclaw config set skills.entries.code-cache.apiKey "your_api_key_here"

Available Commands

Search for cached code

/code-cache search \x3Ctask description> [--top-k N] [--min-score FLOAT] [--show-code]

Search for cached code snippets that match a natural language task description.

Options:

  • --top-k N — Maximum number of results (default: 5)
  • --min-score FLOAT — Minimum verdict score filter (default: 0.3)
  • --show-code — Display the source code of the top match

Example:

/code-cache search "Generate a quarterly revenue report"
/code-cache search "Fetch GitHub trending repos" --top-k 3 --show-code

Get code files for a task

/code-cache files \x3Ctask description> [--top-k N] [--cache-dir DIR]

Retrieve code files ready for execution, with a pre-formatted prompt addition for your LLM.

Options:

  • --top-k N — Maximum number of files (default: 5)
  • --cache-dir DIR — Output directory (default: .code_cache)

Example:

/code-cache files "Fetch GitHub trending repos"
/code-cache files "Build a chart" --cache-dir ./cached_code

Upload code to cache

/code-cache upload \x3Ctask> --files \x3Cpath> [\x3Cpath>...] [--failed] [--no-auto-vote]

Upload code from an execution to the cache for future reuse.

Options:

  • --files, -f — Files to upload (required, can specify multiple)
  • --failed — Mark the execution as failed (default: succeeded)
  • --no-auto-vote — Disable automatic voting on stored code blocks

Example:

/code-cache upload "Build a chart" --files chart.py
/code-cache upload "Data pipeline" -f extract.py transform.py load.py
/code-cache upload "Failed attempt" --files broken.py --failed

Vote on cached code

/code-cache vote \x3Ccode_block_id> [--up|--down] [--task TEXT] [--name TEXT] [--description TEXT]

Vote on whether cached code was useful. This improves retrieval quality over time.

Options:

  • --up — Upvote / thumbs up (default)
  • --down — Downvote / thumbs down
  • --task — Original task description (optional)
  • --name — Code block name (optional)
  • --description — Code block description (optional)

Example:

/code-cache vote abc123 --up
/code-cache vote xyz789 --down --task "Generate report"

How It Works

  1. Cache Hit: When you ask for code similar to something previously executed, Code Cache returns the cached version instantly
  2. Cache Miss: When no match exists, your agent generates code normally, then Code Cache stores it for future use
  3. Verdict Scoring: Code that works gets 👍, code that fails gets 👎—retrieval improves over time

API Reference

The skill wraps these Raysurfer API methods:

Method Description
search(task, top_k, min_verdict_score) Unified search for cached code snippets
get_code_files(task, top_k, cache_dir) Get code files ready for sandbox execution
upload_new_code_snips(task, files_written, succeeded, auto_vote) Store new code after execution
vote_code_snip(task, code_block_id, code_block_name, code_block_description, succeeded) Vote on snippet usefulness

Why Code Caching?

LLM agents repeat the same patterns constantly. Instead of regenerating code every time:

  • 30x faster: Retrieve proven code instead of waiting for generation
  • Lower costs: Reduce token usage by reusing cached solutions
  • Higher quality: Cached code has been validated and voted on
  • Consistent output: Same task = same proven solution

Learn more at raysurfer.com or read the documentation.

安全使用建议
This skill does what it says: it sends and retrieves code to/from Raysurfer using the RAYSURFER_API_KEY. Before installing or using it: (1) Only provide the RAYSURFER_API_KEY if you trust the Raysurfer service and the account scope matches what you intend. (2) Never upload files that contain secrets (API keys, passwords, private keys) or PII — uploaded files are sent to the external service for caching. (3) When using retrieved code, review it before executing in your environment; cached snippets could contain unsafe operations. (4) The Python 'raysurfer' package is required — install it from PyPI and inspect its code if you have concerns. If you need stronger guarantees, ask for a version that supports client-side redaction or explicit filtering of sensitive content before upload.
功能分析
Type: OpenClaw Skill Name: code-reputation Version: 1.0.1 The skill is designed for semantic code caching via the Raysurfer API, which involves reading and writing code files locally and communicating with a remote service. It is classified as suspicious due to significant vulnerabilities in `code_cache.py`. Specifically, the `cmd_files` function writes arbitrary content received from the `raysurfer.com` API to a user-specified `--cache-dir`, which could lead to arbitrary file write and potential Remote Code Execution (RCE) if an AI agent is prompted to use a sensitive directory or if the Raysurfer service is compromised. Additionally, the `cmd_upload` function reads local files specified by the user and sends their content to `raysurfer.com`, posing a data exfiltration risk if an agent is tricked into uploading sensitive files. While these capabilities are plausible for the skill's stated purpose, the lack of robust input sanitization and path restrictions makes them high-risk.
能力评估
Purpose & Capability
Name/description (semantic code caching) aligns with the implementation and declared requirement. The skill calls a Raysurfer client, exposes search/files/upload/vote commands, and declares RAYSURFER_API_KEY as the required credential — all of which are expected for a remote code-cache integration.
Instruction Scope
SKILL.md and the CLI instruct the agent/user to retrieve, write, and upload code files. The skill writes retrieved files to a cache directory and reads local files you specify when uploading. This is expected for the feature, but it means user files (including any embedded secrets) will be transmitted to Raysurfer when you run upload — the instructions do not attempt to read arbitrary system files without user-specified paths.
Install Mechanism
There is no install spec; the skill is instruction-only and ships a Python CLI that depends on the public 'raysurfer' package. No external downloads or obscure URLs are used. The only install requirement is a standard Python package (raysurfer), which is proportional to the declared functionality.
Credentials
Only a single environment variable (RAYSURFER_API_KEY) is required and is the declared primary credential — this matches the skill's purpose. Be aware that this key grants access to the external Raysurfer account, and any code contents you upload will be accessible to that service. Do not store secrets or credentials inside code you plan to upload.
Persistence & Privilege
The skill does not request 'always: true' or any elevated platform privileges. It doesn't attempt to change other skills' configs. Normal autonomous invocation is allowed (disable-model-invocation is false) which is expected for skills; nothing else requests persistent system-level privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install code-reputation
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /code-reputation 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix upload/search compatibility with current Raysurfer SDK fields
v1.0.0
Initial release: semantic code caching for AI agents via Raysurfer API
元数据
Slug code-reputation
版本 1.0.1
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Code Reputation 是什么?

Semantic code caching for AI agents. Cache, retrieve, and reuse code from prior agent executions. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 826 次。

如何安装 Code Reputation?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install code-reputation」即可一键安装,无需额外配置。

Code Reputation 是免费的吗?

是的,Code Reputation 完全免费(开源免费),可自由下载、安装和使用。

Code Reputation 支持哪些平台?

Code Reputation 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Code Reputation?

由 ryx2(@ryx2)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论