← 返回 Skills 市场
wpank

Command Creator

作者 wpank · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
1008
总下载
0
收藏
10
当前安装
1
版本数
在 OpenClaw 中安装
/install command-creator
功能描述
WHAT: Create Claude Code slash commands - reusable markdown workflows invoked with /command-name. WHEN: User wants to create, make, or add a slash command. User wants to automate a repetitive workflow or document a consistent process for reuse. KEYWORDS: "create a command", "make a slash command", "add a command", "new command", "/command", "automate this workflow", "make this repeatable"
使用说明 (SKILL.md)

Command Creator

Slash commands are markdown files in .claude/commands/ (project) or ~/.claude/commands/ (global) that expand into prompts when invoked.

Command Structure

---
description: Brief description for /help (required)
argument-hint: \x3Crequired> or [optional] (if takes arguments)
---

# Command Title

[Instructions for agent to execute autonomously]

Creation Workflow

Step 1: Determine Location

  1. Check if in git repo: git rev-parse --is-inside-work-tree
  2. Default: Git repo → .claude/commands/, No git → ~/.claude/commands/
  3. Override if user explicitly says "global" or "project"

Report chosen location before proceeding.

Step 2: Identify Pattern

Load references/patterns.md and present options:

Pattern Structure Use When
Workflow Automation Analyze → Act → Report Multi-step with clear sequence
Iterative Fixing Run → Parse → Fix → Repeat Fix issues until passing
Agent Delegation Context → Delegate → Iterate Complex tasks, user review
Simple Execution Parse → Execute → Return Wrapper for existing tools

Ask: "Which pattern is closest to what you want?"

Step 3: Gather Information

A. Name and Purpose

  • "What should the command be called?" (kebab-case: my-command)
  • "What does it do?" (for description field)

B. Arguments

  • "Does it take arguments? Required or optional?"
  • Required: \x3Cplaceholder>, Optional: [placeholder]

C. Workflow Steps

  • "What specific steps should it follow?"
  • "What tools or commands should it use?"

D. Constraints

  • "Any specific tools to use or avoid?"
  • "Any files to read for context?"

Step 4: Generate Command

Load references/best-practices.md for:

  • Template structure
  • Writing style (imperative form)
  • Quality checklist

Key principles:

  • Use imperative form: "Run X", not "You should run X"
  • Be explicit: "Run make lint", not "Check for errors"
  • Include expected outcomes
  • Define error handling
  • State success criteria

Step 5: Create File

mkdir -p [directory-path]

Write the command file. Report:

  • File location
  • What the command does
  • How to use: /command-name [args]

Step 6: Test (Optional)

Suggest: "Test with /command-name [args]"

Iterate based on feedback.

Writing Guidelines

Imperative form (verb-first):

  • ✅ "Run git status"
  • ❌ "You should run git status"

Specific, not vague:

  • ✅ "Run make lint to check for errors"
  • ❌ "Check for errors"

Include outcomes:

  • ✅ "Run git status - should show modified files"
  • ❌ "Run git status"

Realistic examples:

  • git commit -m "Add OAuth2 authentication"
  • git commit -m "foo bar"

Command Patterns Quick Reference

Workflow Automation

1. Check for .PLAN.md
2. Analyze git status/diff
3. Perform actions
4. Report results

Iterative Fixing

1. Run make all-ci (max 10 iterations)
2. Parse errors by category
3. Apply targeted fixes
4. Repeat until success or stuck

Agent Delegation

1. Present context
2. Invoke subagent with Task tool
3. Iterate with user feedback
4. Save output after approval

See references/examples.md for full command examples.

Quality Checklist

Before finalizing:

  • Name is kebab-case (my-command, not my_command)
  • Description is action-oriented
  • Steps are numbered and specific
  • Tool usage explicitly specified
  • Error handling defined
  • Success criteria stated
  • Uses imperative form

NEVER

  • Use underscores in command names (use hyphens)
  • Write vague instructions ("fix errors")
  • Skip error handling
  • Use second person ("You should...")
  • Create commands without testing
  • Leave success criteria undefined
安全使用建议
This skill is mostly coherent with its goal of authoring slash-command markdown files, but it contains a few red flags you should consider before installing or allowing it to run autonomously: - It references running system tools (git, make, gt) and performing repo-modifying actions (git add, git commit, submitting PRs). Those are legitimate for some command examples, but they have real side effects — only allow the skill in repos where unintended commits/PRs are acceptable. - The manifest claims no required binaries, yet the instructions assume git, make, gt, and platform-specific tools (TodoWrite/Task). Expect to provide or verify those tools are available, or the skill may fail in surprising ways. - There are internal contradictions in the instructions (conflicting guidance about using the Bash tool for make commands). That suggests the content wasn't fully reviewed and could lead the agent to take inconsistent actions. - Because the skill can write files to your home directory or project dirs, review generated command files before using them. If you plan to allow autonomous invocation, restrict it (do not enable wide autonomy) until you confirm the generated commands are safe and the agent's execution scope is limited. Recommendations: - Test the skill in a disposable or non-critical repository first. - Disable autonomous invocation or require user confirmation for any recipe that runs git/add/commit or submits PRs. - If you need stricter controls, ask the skill author to declare required binaries (git, make, gt) and to remove contradictory instructions. - Review and audit any generated command files and any commits/PRs the agent proposes before merging or publishing.
功能分析
Type: OpenClaw Skill Name: command-creator Version: 0.1.0 The 'command-creator' skill is designed to generate new OpenClaw slash commands (executable markdown files) based on user input. This core functionality, detailed in `SKILL.md`, presents a significant prompt injection vulnerability: a malicious user could instruct the agent to create a command containing harmful shell commands or other agent instructions. While the skill itself does not exhibit malicious intent (e.g., no direct data exfiltration or backdoor installation), its ability to generate executable content, perform file system operations (`mkdir -p`, writing files), execute shell commands (`git rev-parse`), and potentially invoke subagents, makes it a high-risk tool that could be exploited to achieve arbitrary code execution or other unauthorized actions when the generated command is subsequently run. The `README.md` also points to an `npx add` installation method, which introduces a supply chain risk.
能力评估
Purpose & Capability
The declared purpose is to create Claude Code slash commands and the SKILL.md, README, and reference docs are all focused on that. However, the instructions reference running tools like git, make, gt, TodoWrite/Task tools and performing repo-level operations (git add/git commit/gt submit) even though the skill's manifest declares no required binaries or environment variables. Not listing expected tool dependencies (git, make, gt, etc.) is an incoherence worth noting, though not necessarily malicious.
Instruction Scope
The instructions explicitly tell the agent to read project files, create directories, and write files under .claude/commands or ~/.claude/commands (which is consistent with creating commands), but they also include patterns and examples that run potentially destructive or high-impact commands: `git add .`, `git commit -m ...`, `gt restack`/`gt submit --stack --publish --no-edit`, and `make all-ci` with automated iterative fixes. The docs also contain contradictory guidance about using the Bash tool for make commands (both 'ALWAYS use Bash tool' and 'DO NOT use Bash tool for make commands' appear), which is a logical inconsistency. Because the skill encourages running repo-modifying commands and automated CI-fix cycles, users should be cautious about allowing autonomous execution or giving the agent repository write privileges.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written by an installer. That lowers the risk from supply-chain/install-time behavior.
Credentials
The skill declares no required environment variables or credentials. That is appropriate for its stated purpose. Note: many instructions assume availability of external tools (git, make, gt, TodoWrite/Task tools) and access to the user's filesystem, which is consistent with creating command files but should be explicitly documented in requires.* if the skill were to run in environments that enforce declared dependencies.
Persistence & Privilege
The skill does not request 'always: true' or any elevated persistent privileges. It's user-invocable and allows model invocation by default, which is normal. The skill writes files to .claude/commands or ~/.claude/commands as part of its function; that file-writing behavior is expected for this purpose but is a material side effect users should understand before enabling autonomous runs.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install command-creator
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /command-creator 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
- Initial release of command-creator skill. - Guides users through creating reusable Claude Code slash commands as markdown workflows. - Provides step-by-step setup: location selection, pattern choice, naming, argument gathering, and workflow definition. - Includes clear templates, best practices, and a quality checklist for effective command creation. - Supports multiple automation patterns (workflow, iterative fixing, delegation, simple execution). - Offers detailed writing guidelines for style, specificity, and error handling.
元数据
Slug command-creator
版本 0.1.0
许可证
累计安装 14
当前安装数 10
历史版本数 1
常见问题

Command Creator 是什么?

WHAT: Create Claude Code slash commands - reusable markdown workflows invoked with /command-name. WHEN: User wants to create, make, or add a slash command. User wants to automate a repetitive workflow or document a consistent process for reuse. KEYWORDS: "create a command", "make a slash command", "add a command", "new command", "/command", "automate this workflow", "make this repeatable". 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1008 次。

如何安装 Command Creator?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install command-creator」即可一键安装,无需额外配置。

Command Creator 是免费的吗?

是的,Command Creator 完全免费(开源免费),可自由下载、安装和使用。

Command Creator 支持哪些平台?

Command Creator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Command Creator?

由 wpank(@wpank)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论