← 返回 Skills 市场
charlie-morrison

Codebase Onboarder

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
47
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install codebase-onboarder
功能描述
AI-powered codebase analysis — generate architecture docs, onboarding guides, and key-flow walkthroughs for any project. Use when joining a new codebase, onb...
使用说明 (SKILL.md)

Codebase Onboarder

Analyze any codebase and produce a structured onboarding guide. Covers architecture, key flows, patterns, dependencies, entry points, and gotchas — the things that take weeks to figure out by reading code.

Use when: someone says "help me understand this codebase", "onboard me", "document this project", or "what does this repo do".

Analysis Steps

Run these in order. Each step informs the next.

1. Project Identity

# What is this?
cat README.md 2>/dev/null || cat readme.md 2>/dev/null
cat package.json 2>/dev/null | jq '{name, description, scripts}'
cat pyproject.toml 2>/dev/null | head -30
cat Cargo.toml 2>/dev/null | head -20
cat go.mod 2>/dev/null | head -10
cat Makefile 2>/dev/null | head -40

Determine: language, framework, purpose, build system.

2. Project Structure

# Directory tree (depth 3, ignore noise)
find . -maxdepth 3 -type d \
  -not -path '*/node_modules/*' \
  -not -path '*/.git/*' \
  -not -path '*/vendor/*' \
  -not -path '*/__pycache__/*' \
  -not -path '*/dist/*' \
  -not -path '*/build/*' \
  -not -path '*/.next/*' \
  -not -path '*/target/*' \
  | head -80

# Count files by extension
find . -type f -not -path '*/node_modules/*' -not -path '*/.git/*' \
  | sed 's/.*\.//' | sort | uniq -c | sort -rn | head -15

Map the architecture: where does business logic live, where are configs, where are tests, what's the convention.

3. Entry Points

# Web apps
grep -rl "listen\|createServer\|app\.run\|uvicorn\|Flask(__name__)" --include="*.{js,ts,py,go,rb}" . 2>/dev/null | head -10

# CLI tools
grep -rl "if __name__\|func main\|fn main\|bin.*:" --include="*.{py,go,rs,json}" . 2>/dev/null | head -10

# Config-declared entry points
cat package.json 2>/dev/null | jq '.main, .bin, .scripts.start, .scripts.dev'
cat pyproject.toml 2>/dev/null | grep -A5 'scripts\|entry_points'

Identify: where does execution start, what are the main scripts/commands, how do you run it locally.

4. Dependencies & Stack

# Key dependencies (not all — just the important ones)
cat package.json 2>/dev/null | jq '.dependencies | keys' | head -20
cat requirements.txt 2>/dev/null | head -20
cat go.mod 2>/dev/null | grep -v '//' | tail -20
cat Cargo.toml 2>/dev/null | grep -A50 '\[dependencies\]' | head -30

Identify: database (postgres, mongo, redis), framework (express, fastapi, gin), ORM, auth, queue, cloud SDKs. These define the project's personality.

5. Data Layer

# Database schemas, migrations, models
find . -type f \( -name "*.sql" -o -name "*migration*" -o -name "*schema*" -o -name "*model*" \) \
  -not -path '*/node_modules/*' 2>/dev/null | head -20

# ORM models
grep -rl "class.*Model\|@Entity\|schema\.\|CREATE TABLE\|db\.Column" \
  --include="*.{py,ts,js,go,rb,java}" . 2>/dev/null | head -10

Map: what are the core data entities, how are they related, where do migrations live.

6. API Surface

# REST routes
grep -rn "app\.\(get\|post\|put\|delete\|patch\)\|@app\.route\|router\.\(get\|post\)\|@Get\|@Post\|@Controller" \
  --include="*.{ts,js,py,go,rb,java}" . 2>/dev/null | head -30

# GraphQL
find . -name "*.graphql" -o -name "*.gql" -o -name "*schema*" -name "*.graphql" 2>/dev/null | head -10
grep -rl "type Query\|type Mutation\|@Query\|@Mutation" --include="*.{ts,js,py,go}" . 2>/dev/null | head -10

List the key endpoints/operations, grouped by domain.

7. Config & Environment

# Environment variables
cat .env.example 2>/dev/null || cat .env.sample 2>/dev/null || cat .env.template 2>/dev/null
grep -rh "process\.env\.\|os\.environ\|os\.getenv\|env::\|std::env" \
  --include="*.{ts,js,py,go,rs,rb}" . 2>/dev/null | sort -u | head -30

Document: what env vars are needed, which are secrets, what services need to be running.

8. Testing

# Test structure
find . -type f \( -name "*test*" -o -name "*spec*" -o -name "*_test.*" \) \
  -not -path '*/node_modules/*' 2>/dev/null | head -20

# How to run tests
cat package.json 2>/dev/null | jq '.scripts.test'
grep -r "pytest\|jest\|mocha\|vitest\|go test\|cargo test" Makefile* 2>/dev/null

9. CI/CD & Deployment

ls -la .github/workflows/ 2>/dev/null
ls -la .gitlab-ci.yml 2>/dev/null
cat Dockerfile 2>/dev/null | head -20
cat docker-compose.yml 2>/dev/null | head -30
ls -la k8s/ kubernetes/ helm/ 2>/dev/null

Output Template

After analysis, produce a document with these sections:

# [Project Name] — Onboarding Guide

## What This Is
One paragraph: what it does, who it's for, what problem it solves.

## Tech Stack
- Language: X
- Framework: X
- Database: X
- Key dependencies: X, Y, Z

## Architecture
Describe the high-level architecture in 3-5 sentences. Include a simple diagram if helpful:
- Monolith / microservices / serverless
- Request flow: client → API → service → database
- Key patterns: MVC, event-driven, CQRS, etc.

## Directory Map
| Path | Purpose |
|------|---------|
| src/api/ | REST endpoints |
| src/services/ | Business logic |
| src/models/ | Database models |
| ... | ... |

## Key Flows
Walk through 2-3 critical user journeys:
1. **User signup** — POST /auth/register → validate → hash password → insert user → send email → return token
2. **Place order** — POST /orders → check inventory → charge payment → create order → notify warehouse

## Getting Started
Step-by-step: clone, install, configure env, seed database, run locally.

## Gotchas
Things that are non-obvious, surprising, or likely to trip someone up:
- "The auth middleware silently returns 200 on missing tokens (legacy behavior)"
- "Tests require a running Redis instance on port 6380 (not default)"
- "The migration in 0042 takes 20 minutes on large datasets"

## Where to Look
| I want to... | Look at... |
|--------------|-----------|
| Add an API endpoint | src/api/routes/ |
| Change the database schema | src/models/ + migrations/ |
| Debug auth issues | src/middleware/auth.ts |
| Understand the build | Makefile + .github/workflows/ |

Tips

  • Read tests first — they document behavior better than comments
  • Check git log for the most-changed files — those are the hot paths
  • Look at recent PRs for coding conventions and review standards
  • If something is confusing, it's a gotcha worth documenting
安全使用建议
This skill appears to do what it says (scan a repo and produce onboarding docs) but take these precautions before installing or running it: - Ensure the runtime environment has the common CLI tools the SKILL.md expects (jq, grep, find, sed, head, tail). The metadata did not declare jq, so the script may fail or the author omitted a dependency. - Be aware the instructions explicitly read .env and other config files. If your repo contains secrets or credentials, run the skill in a safe, isolated copy of the repo (or remove/redact secrets first). - Review outputs the agent will produce or transmit. If the agent sends analysis off-host (not stated here, but possible in your agent configuration), it could leak sensitive contents extracted from the repo. - If you want tighter safety, modify the SKILL.md or run the skill only on sanitized repositories (strip .env, credentials, and private keys) or restrict network egress for the agent that uses this skill. - If the agent will run these shell commands autonomously, verify it will run them in the intended working directory and with least privilege; consider running the analysis locally yourself first to confirm the results and any sensitive data exposure.
功能分析
Type: OpenClaw Skill Name: codebase-onboarder Version: 1.0.0 The codebase-onboarder skill is a legitimate tool designed to automate the analysis of a software project for documentation purposes. It uses standard read-only shell commands (cat, grep, find, jq) to identify project structure, dependencies, entry points, and API routes across various languages and frameworks. There are no signs of data exfiltration, malicious execution, or prompt injection; it specifically targets example environment files (.env.example) rather than active secrets, aligning perfectly with its stated goal of generating onboarding guides.
能力标签
cryptocan-make-purchases
能力评估
Purpose & Capability
The name/description (codebase onboarding) aligns with the instructions: everything the SKILL.md does is about scanning a repository and summarizing it. However the runtime commands use utilities (notably jq) while the skill declares no required binaries — a minor mismatch that could cause errors or indicates the author omitted declared requirements.
Instruction Scope
The SKILL.md explicitly instructs the agent to read many repository files (README, package.json, pyproject.toml, .env.* examples, migrations, Dockerfiles, CI configs, etc.). This is exactly what an onboarder needs, but it also means the agent will access any secrets or credentials stored in the repo (e.g., .env, .env.example, config files). There are no instructions to access system paths outside the repo or to send data to unexpected external endpoints, which is good.
Install Mechanism
No install spec or code is provided (instruction-only), so nothing is written to disk by the skill itself. This minimizes install-time risk. The SKILL.md does assume standard shell utilities are available.
Credentials
The skill requests no environment variables or credentials, which is proportionate. However, it directs the agent to read .env and other local configuration files (which may contain secrets) without guidance to redact or treat them as sensitive. Also the SKILL.md uses jq but the skill metadata does not declare jq as a required binary.
Persistence & Privilege
always:false and no install hooks are present. The skill does not request persistent system-wide changes or privileges beyond reading files in the repository working directory.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install codebase-onboarder
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /codebase-onboarder 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: AI-powered codebase analysis with structured onboarding guide output
元数据
Slug codebase-onboarder
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Codebase Onboarder 是什么?

AI-powered codebase analysis — generate architecture docs, onboarding guides, and key-flow walkthroughs for any project. Use when joining a new codebase, onb... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 47 次。

如何安装 Codebase Onboarder?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install codebase-onboarder」即可一键安装,无需额外配置。

Codebase Onboarder 是免费的吗?

是的,Codebase Onboarder 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Codebase Onboarder 支持哪些平台?

Codebase Onboarder 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Codebase Onboarder?

由 charlie-morrison(@charlie-morrison)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论