← 返回 Skills 市场

Cognitive Debt Guard

Name: Cognitive Debt Guard
Author: aptratcn

作者 Erwin · GitHub ↗ · v2.0.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install cognitive-debt-guard

功能描述

Cognitive Debt Guard - Prevent the 23.5% incident spike from AI-generated code. Comprehension gates, review frameworks, and AI-free zones. Based on 2026 rese...

使用说明 (SKILL.md)

Cognitive Debt Guard 🧠

Prevent the 23.5% incident spike from AI-generated code.

The Problem (2026 Research)

Metric	Impact
Incident rate	+23.5% per PR with AI code
Code churn	3.1% → 5.7% (nearly doubled)
Developer speed	-19% slower with AI tools (experienced devs)
Trust in AI output	33% (down from higher)

Root cause: Teams ship code faster than they understand it.

Definition: Cognitive debt = the gap between what your codebase does and what your team comprehends about it.

Unlike technical debt (code you know is bad), cognitive debt is code you don't even know is bad — because you never understood it.

The Solution: 5 Patterns

Pattern 1: Maintain MEMORY.md 🔒

Living architecture context for humans and AI agents.

# MEMORY.md Template

## Architecture Decisions
- [Decision 1]: Why we chose X over Y
- [Decision 2]: Trade-offs we accepted

## AI-Free Zones (human must own completely)
- Authentication & authorization
- Payment processing
- Data deletion
- Database migrations
- Security-critical paths

## Conventions
- Naming: [rules]
- Error handling: [pattern]
- Testing: [requirements]

## Known Constraints
- [Performance requirement]
- [Compliance requirement]
- [Integration dependency]

Rule: MEMORY.md is open in editor at all times when working with AI.

Pattern 2: Comprehension Gate 🔒

3 questions before accepting AI-generated code:

Before you click "Accept" on AI output:

1. Can I explain what this code does in plain language?
   [ ] Yes → Continue
   [ ] No → STOP. Read until you can.

2. Can I trace the data flow from input to output?
   [ ] Yes → Continue
   [ ] No → STOP. Add comments or simplify.

3. If this breaks in production, would I know where to look?
   [ ] Yes → Accept
   [ ] No → STOP. Add logging or documentation.

Rule: All 3 must be YES before merge.

Pattern 3: Pair with Agents, Don't Delegate 🔒

Active Use ✅	Passive Use ❌
Prompt → Read → Understand → Modify → Ship	Prompt → Accept → Ship → Forget
You steer, AI fills	AI decides, you accept
Comprehension maintained	Cognitive debt accumulates

Rule: Never accept >50 lines of AI code without reading and understanding every line.

Pattern 4: Shrink the Blast Radius 🔒

AI-assisted PR limits:

Constraint	Limit
Max lines per AI PR	200
Concerns per PR	1
Test coverage on AI paths	100%
Files touched	≤5

Why: Smaller PRs = easier to comprehend = less cognitive debt.

Pattern 5: Quarterly Comprehension Audit 🔒

90-minute sprint ceremony:

## Cognitive Debt Audit Agenda

1. Review top 5 AI-heaviest PRs from last quarter
2. For each PR, ask:
   - Can we still explain what it does?
   - Have we had incidents related to it?
   - Is documentation up to date?
3. Identify cognitive debt hotspots
4. Plan debt reduction for next sprint
5. Update MEMORY.md with new learnings

Code Review Framework (5 Layers)

When reviewing AI-generated code:

Layer 1: Comprehension
- Can I understand this without running it?
- Is naming clear?
- Is complexity justified?

Layer 2: Correctness
- Does it do what it claims?
- Edge cases covered?
- Error handling present?

Layer 3: Integration
- Fits existing patterns?
- No duplicate functionality?
- Dependencies appropriate?

Layer 4: Security
- No exposed secrets?
- Input validation?
- AI-free zone respected?

Layer 5: Maintainability
- Tests included?
- Documentation added?
- Will I understand this in 6 months?

Trigger Phrases

This skill activates when:

User accepts AI-generated code
User asks about code review
User mentions "AI code", "generated code", "copilot wrote"
User is about to merge AI-assisted PR
User asks "should I accept this?"

Quick Reference Card

Before Accepting AI Code:
1. Read it (all of it)
2. Explain it (out loud if needed)
3. Trace data flow
4. Check AI-free zone
5. Limit: 200 lines, 1 concern

Integration

EVR Framework — Verify comprehension before claiming "reviewed"
Systematic Debugging — When cognitive debt causes incidents
Memory Guard — MEMORY.md persists across sessions

Statistics (cite in discussions)

METR 2025: -19% speed for experienced devs using AI
Cortex 2026: +23.5% incidents per PR
GitClear: Code churn 3.1% → 5.7%
Stack Overflow 2025: 33% trust in AI output

License

MIT

安全使用建议

This skill is coherent with its advertised purpose: it's an advisory/framework skill that doesn't request secrets or install code. Things to consider before enabling: (1) The README suggests copying SKILL.md into agent-specific directories—perform those file writes yourself rather than allowing an unfamiliar agent to modify your home/workspace. (2) The 'MEMORY.md open at all times' and AI-free zones are organizational rules, not technical enforcements—decide whether those AI-free zones align with your project. (3) The triggers are broad; if you don't want frequent automatic activations, restrict the skill's invocation or require manual invocation. (4) The guidance is opinionated (strict PR size and test coverage rules); adapt thresholds to your team's needs. If you want lower friction, test the skill in a single repo or a limited agent role first.

功能分析

Type: OpenClaw Skill Name: cognitive-debt-guard Version: 2.0.0 The 'cognitive-debt-guard' skill is a process-oriented framework designed to mitigate risks associated with AI-generated code by enforcing comprehension gates and code review standards. The bundle consists entirely of Markdown documentation and instructions (SKILL.md, DEBT_INDICATORS.md, README.md) that promote software engineering best practices such as maintaining architecture context (MEMORY.md), limiting PR size, and identifying code smells. There are no executable scripts, network calls, or malicious instructions intended to exfiltrate data or bypass security controls.

能力标签

cryptocan-make-purchases

能力评估

✓ Purpose & Capability

Name, description, and runtime instructions align: the skill provides human-centered review patterns, comprehension gates, and documentation templates. It requires no binaries, env vars, or installs, which is proportionate for an advisory / review skill.

ℹ Instruction Scope

SKILL.md is focused on review workflows and policies (MEMORY.md template, comprehension gate, audit agenda, code-review layers). It includes guidance that can affect local files (Quick Start cp commands to place SKILL.md in agent-specific directories and a rule that MEMORY.md be kept open), which is reasonable for adoption instructions but means the agent/user may be advised to write files into home/workspace paths. The instructions do not request secrets or direct exfiltration, but they are prescriptive about developer behavior and repository practices.

✓ Install Mechanism

No install spec or code to download; instruction-only skills present lower risk because nothing is automatically written/executed by an installer.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. All recommended artifacts (MEMORY.md, SKILL.md) are implementation guides and do not require secrets.

ℹ Persistence & Privilege

always:false (normal). The skill lists broad trigger phrases (e.g., 'accept this', 'AI code', 'merge AI-assisted PR') and so may activate often if the agent is allowed to invoke skills autonomously. That autonomous invocation is the platform default; the combination of broad triggers and automatic invocation means you should confirm you want it to run automatically in your workflows.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install cognitive-debt-guard
安装完成后，直接呼叫该 Skill 的名称或使用 /cognitive-debt-guard 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v2.0.0

v2: Complete README rewrite

元数据

Slug cognitive-debt-guard

版本 2.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题