← 返回 Skills 市场
3638
总下载
2
收藏
17
当前安装
1
版本数
在 OpenClaw 中安装
/install codebuddy-code
功能描述
CodeBuddy Code CLI installation, configuration and usage guide. CodeBuddy Code is Tencent's AI-powered CLI programming assistant supporting natural language driven development.
- MANDATORY TRIGGERS: CodeBuddy, codebuddy, AI CLI, Tencent AI coding, @tencent-ai/codebuddy-code, terminal AI assistant
- Use when: installing CodeBuddy CLI, configuring CodeBuddy, using CodeBuddy commands, troubleshooting CodeBuddy issues
使用说明 (SKILL.md)
CodeBuddy CLI Skill
AI-powered terminal programming assistant from Tencent.
Installation
# Check prerequisites
node -v # Requires Node.js 18+
npm -v
# Install globally
npm install -g @tencent-ai/codebuddy-code
# Verify
codebuddy --version
Quick Start
- Navigate to project directory
- Run
codebuddyto start interactive session - Choose login method:
- Google/GitHub: International version (Gemini, GPT models)
- WeChat (微信): China version (DeepSeek models)
CLI Arguments
| Argument | Description |
|---|---|
codebuddy "\x3Cprompt>" |
Execute single task |
-y / --dangerously-skip-permissions |
Skip permission confirmations (sandbox only) |
-p / --print |
Single execution mode (requires -y for file ops) |
--permission-mode \x3Cmode> |
acceptEdits, bypassPermissions, default, plan |
--version |
Show version |
Examples
# Interactive mode
codebuddy
# Single task
codebuddy "帮我优化这个函数的性能"
codebuddy "生成这个 API 的单元测试"
codebuddy "检查这次提交的代码质量"
# Skip permissions (sandbox only)
codebuddy -p "Review code quality" -y
Slash Commands
| Command | Description |
|---|---|
/help |
Display available commands |
/status |
Show account info and current model |
/login |
Switch accounts |
/logout |
Sign out |
/clear |
Reset conversation history |
/exit |
End session |
/config |
Open configuration |
/doctor |
Diagnose issues |
/cost |
Token usage statistics |
/init |
Generate CODEBUDDY.md project guide |
/memory |
Edit project memory files |
Type ? during session for keyboard shortcuts.
Custom Commands
Create .md files in:
- Project:
.codebuddy/commands/ - Global:
~/.codebuddy/commands/
Update
npm install -g @tencent-ai/codebuddy-code
Security Notes
--dangerously-skip-permissions risks: file deletion, scope creep, data loss. Never use in production.
安全使用建议
This skill is a coherent install/use guide for a CodeBuddy CLI, but the SKILL.md does not provide a homepage or source repository to verify the npm package. Before running npm install -g @tencent-ai/codebuddy-code: 1) look up the package on the npm registry and confirm the publisher/organization is legitimate (check the maintainer/owner and package versions); 2) find and review the project repo or homepage (if available) to inspect code or at least read README and issues; 3) prefer running via npx or in a container/sandbox first instead of a global install; 4) avoid using the -y/--dangerously-skip-permissions flag in real projects; 5) if you must install globally, inspect package contents or run virus/malware scans and consider limiting network/credential access for the first runs. If you can provide the package/npm link or repository, I can re-evaluate with higher confidence.
功能分析
Type: OpenClaw Skill
Name: codebuddy-code
Version: 1.0.1
The skill is classified as suspicious due to the explicit documentation of highly risky CLI arguments, specifically `--dangerously-skip-permissions` and `--permission-mode bypassPermissions`, within the `SKILL.md` file. These instructions teach the AI agent how to bypass security confirmations for file operations, which the documentation itself warns can lead to 'file deletion, scope creep, data loss.' While the skill includes a warning against using these flags in production, their presence and example usage create a significant prompt injection vulnerability, allowing a malicious user to potentially trick the agent into performing unauthorized and harmful file system actions.
能力评估
Purpose & Capability
Name/description match the instructions: the SKILL.md describes installing and using a CodeBuddy CLI and all steps (npm install, CLI commands, config paths) are consistent with that purpose. The triggers and usage contexts align with a CLI assistant.
Instruction Scope
Runtime instructions are limited to installing the npm package, running the CLI, using its flags and commands, and where to place custom command files. There are no instructions to read unrelated system files, exfiltrate data, or access unrelated environment variables. The guide warns about the risky -y flag.
Install Mechanism
The skill is instruction-only and tells users to run npm install -g @tencent-ai/codebuddy-code — this is a normal install flow for a CLI. However, the skill metadata lacks a homepage or source repository, so the authenticity of the npm package cannot be verified from the skill alone; that raises a trust/typosquatting concern when installing a global package.
Credentials
The skill does not request environment variables or credentials. It mentions login methods (Google/GitHub/WeChat) as user-facing auth flows, which is appropriate and expected for a CLI that interacts with remote models.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It only instructs installing a global CLI (which is user-level persistence) and writing config/custom commands to ~/.codebuddy or a project folder — these are standard for a CLI tool.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install codebuddy-code - 安装完成后,直接呼叫该 Skill 的名称或使用
/codebuddy-code触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Added detailed CLI installation, configuration, and usage guide for CodeBuddy Code (Tencent's AI-powered programming assistant).
- Documented login methods, CLI arguments, slash commands, and usage examples for both sandbox and production environments.
- Included instructions for creating custom commands and updating the tool.
- Provided important security warnings for potentially dangerous flags.
- This version enhances onboarding and supports troubleshooting for all users of the CodeBuddy CLI.
元数据
常见问题
CodeBuddy Code for OpenClaw 是什么?
CodeBuddy Code CLI installation, configuration and usage guide. CodeBuddy Code is Tencent's AI-powered CLI programming assistant supporting natural language driven development. - MANDATORY TRIGGERS: CodeBuddy, codebuddy, AI CLI, Tencent AI coding, @tencent-ai/codebuddy-code, terminal AI assistant - Use when: installing CodeBuddy CLI, configuring CodeBuddy, using CodeBuddy commands, troubleshooting CodeBuddy issues. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3638 次。
如何安装 CodeBuddy Code for OpenClaw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install codebuddy-code」即可一键安装,无需额外配置。
CodeBuddy Code for OpenClaw 是免费的吗?
是的,CodeBuddy Code for OpenClaw 完全免费(开源免费),可自由下载、安装和使用。
CodeBuddy Code for OpenClaw 支持哪些平台?
CodeBuddy Code for OpenClaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 CodeBuddy Code for OpenClaw?
由 Jiayu(@pmwalkercao)开发并维护,当前版本 v1.0.1。
推荐 Skills