← 返回 Skills 市场
81
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install cronlint
功能描述
Scheduled task & cron job anti-pattern analyzer -- detects overlapping execution risks, timezone scheduling errors, missing error recovery, resource contenti...
使用说明 (SKILL.md)
\r \r
CronLint -- Scheduled Task & Cron Job Anti-Pattern Analyzer\r
\r CronLint scans codebases for scheduled task and cron job anti-patterns: overlapping execution risks, timezone scheduling errors, missing error recovery, resource contention, lifecycle management issues, and observability gaps. It uses regex-based pattern matching against 90 scheduling-specific patterns across 6 categories, lefthook for git hook integration, and produces markdown reports with actionable remediation guidance. 100% local. Zero telemetry.\r \r Note: CronLint focuses on cron jobs, schedulers (node-cron, APScheduler, Quartz, Celery beat, Bull/BullMQ), setInterval/setTimeout scheduling, Kubernetes CronJobs, and periodic task code. It detects anti-patterns in scheduling logic, not HTTP cron endpoints.\r \r
Commands\r
\r
Free Tier (No license required)\r
\r
cronlint scan [file|directory]\r
One-shot scheduling quality scan of files or directories.\r \r How to execute:\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [target]\r
```\r
\r
**What it does:**\r
1. Accepts a file path or directory (defaults to current directory)\r
2. Discovers all source files (skips .git, node_modules, binaries, images, .min.js)\r
3. Runs 30 scheduling patterns against each file (free tier limit)\r
4. Calculates a scheduling quality score (0-100) per file and overall\r
5. Grades: A (90-100), B (80-89), C (70-79), D (60-69), F (\x3C60)\r
6. Outputs findings with: file, line number, check ID, severity, description, recommendation\r
7. Exit code 0 if score >= 70, exit code 1 if scheduling quality is poor\r
8. Free tier limited to first 30 patterns (OE + TZ categories)\r
\r
**Example usage scenarios:**\r
- "Scan my code for cron job issues" -> runs `cronlint scan .`\r
- "Check this file for scheduling anti-patterns" -> runs `cronlint scan src/scheduler.ts`\r
- "Find overlapping cron execution risks" -> runs `cronlint scan src/`\r
- "Audit timezone handling in scheduled tasks" -> runs `cronlint scan .`\r
- "Check for missing error handling in cron jobs" -> runs `cronlint scan .`\r
\r
### Pro Tier ($19/user/month -- requires CRONLINT_LICENSE_KEY)\r
\r
#### `cronlint scan --tier pro [file|directory]`\r
Extended scan with 60 patterns covering overlap, timezone, error recovery, and resource contention.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [target] --tier pro\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Runs 60 scheduling patterns (OE, TZ, ER, RC categories)\r
3. Detects missing error recovery and retry logic in scheduled jobs\r
4. Identifies resource contention: every-minute crons, unbounded queries, no rate limiting\r
5. Full category breakdown reporting\r
\r
#### `cronlint scan --format json [directory]`\r
Generate JSON output for CI/CD integration.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [directory] --format json\r
```\r
\r
#### `cronlint scan --format html [directory]`\r
Generate HTML report for browser viewing.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [directory] --format html\r
```\r
\r
#### `cronlint scan --category OE [directory]`\r
Filter scan to a specific check category (OE, TZ, ER, RC, LM, OB).\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [directory] --category OE\r
```\r
\r
### Team Tier ($39/user/month -- requires CRONLINT_LICENSE_KEY with team tier)\r
\r
#### `cronlint scan --tier team [directory]`\r
Full scan with all 90 patterns across all 6 categories including lifecycle and observability.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [directory] --tier team\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Runs all 90 patterns across 6 categories\r
3. Includes lifecycle management checks (graceful shutdown, orphaned tasks, stale entries)\r
4. Includes observability checks (missing metrics, no duration logging, no alerting)\r
5. Full category breakdown with per-file results\r
\r
#### `cronlint scan --verbose [directory]`\r
Verbose output showing every matched line and pattern details.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" --path [directory] --verbose\r
```\r
\r
#### `cronlint status`\r
Show license and configuration information.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" status\r
```\r
\r
#### `cronlint patterns`\r
List all detection patterns with their IDs, severities, and descriptions.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/dispatcher.sh" patterns\r
```\r
\r
## Check Categories\r
\r
CronLint detects 90 scheduled task anti-patterns across 6 categories:\r
\r
| Category | Code | Patterns | Description | Severity Range |\r
|----------|------|----------|-------------|----------------|\r
| **Overlapping Execution** | OE | 15 | Missing locks, concurrent runs, no mutex, no pid file check | low -- critical |\r
| **Timezone & Scheduling** | TZ | 15 | Hardcoded TZ, DST risks, UTC confusion, midnight pitfalls | low -- high |\r
| **Error & Recovery** | ER | 15 | No try/catch, missing retry, silent failure, no dead letter queue | low -- critical |\r
| **Resource Contention** | RC | 15 | Every-minute cron, no rate limit, unbounded queries, memory risk | low -- critical |\r
| **Lifecycle Management** | LM | 15 | No graceful shutdown, orphaned tasks, stale entries, no health check | low -- high |\r
| **Observability** | OB | 15 | No duration logging, no metrics, no alerting, no execution history | low -- high |\r
\r
## Tier-Based Pattern Access\r
\r
| Tier | Patterns | Categories |\r
|------|----------|------------|\r
| **Free** | 30 | OE, TZ |\r
| **Pro** | 60 | OE, TZ, ER, RC |\r
| **Team** | 90 | OE, TZ, ER, RC, LM, OB |\r
| **Enterprise** | 90 | OE, TZ, ER, RC, LM, OB + priority support |\r
\r
## Scoring\r
\r
CronLint uses a deductive scoring system starting at 100 (perfect):\r
\r
| Severity | Point Deduction | Description |\r
|----------|-----------------|-------------|\r
| **Critical** | -25 per finding | Severe risk (overlapping execution, silent failure, resource abuse) |\r
| **High** | -15 per finding | Significant problem (missing locks, DST scheduling, no error handling) |\r
| **Medium** | -8 per finding | Moderate concern (hardcoded TZ, missing retry, no rate limiting) |\r
| **Low** | -3 per finding | Informational / best practice suggestion |\r
\r
### Grading Scale\r
\r
| Grade | Score Range | Meaning |\r
|-------|-------------|---------|\r
| **A** | 90-100 | Excellent scheduling quality |\r
| **B** | 80-89 | Good scheduling with minor issues |\r
| **C** | 70-79 | Acceptable but needs improvement |\r
| **D** | 60-69 | Poor scheduling quality |\r
| **F** | Below 60 | Critical scheduling problems |\r
\r
- **Pass threshold:** 70 (Grade C or better)\r
- Exit code 0 = pass (score >= 70)\r
- Exit code 1 = fail (score \x3C 70)\r
\r
## Configuration\r
\r
Users can configure CronLint in `~/.openclaw/openclaw.json`:\r
\r
```json\r
{\r
"skills": {\r
"entries": {\r
"cronlint": {\r
"enabled": true,\r
"apiKey": "YOUR_LICENSE_KEY_HERE",\r
"config": {\r
"severityThreshold": "medium",\r
"ignorePatterns": ["**/test/**", "**/fixtures/**", "**/*.test.*"],\r
"ignoreChecks": [],\r
"reportFormat": "text"\r
}\r
}\r
}\r
}\r
}\r
```\r
\r
## Important Notes\r
\r
- **Free tier** works immediately with no configuration\r
- **All scanning happens locally** -- no code is sent to external servers\r
- **License validation is offline** -- no phone-home or network calls\r
- Pattern matching only -- no AST parsing, no external dependencies beyond bash\r
- Supports scanning all file types in a single pass\r
- Git hooks use **lefthook** which must be installed (see install metadata above)\r
- Exit codes: 0 = pass (score >= 70), 1 = fail (for CI/CD integration)\r
- Output formats: text (default), json, html\r
\r
## Error Handling\r
\r
- If lefthook is not installed and user tries hooks, prompt to install it\r
- If license key is invalid or expired, show clear message with link to https://cronlint.pages.dev/renew\r
- If a file is binary, skip it automatically with no warning\r
- If no scannable files found in target, report clean scan with info message\r
- If an invalid category is specified with --category, show available categories\r
\r
## When to Use CronLint\r
\r
The user might say things like:\r
- "Scan my code for cron job issues"\r
- "Check my scheduled task logic"\r
- "Find overlapping execution risks"\r
- "Detect timezone problems in schedulers"\r
- "Are there any cron anti-patterns?"\r
- "Check for missing error handling in cron jobs"\r
- "Audit my scheduling architecture"\r
- "Find resource contention in batch jobs"\r
- "Check for missing job observability"\r
- "Scan for graceful shutdown issues"\r
- "Run a scheduling quality audit"\r
- "Generate a cron health report"\r
- "Check if my jobs have overlap protection"\r
- "Find silent failure patterns in scheduled tasks"\r
- "Check my code for DST scheduling vulnerabilities"\r
安全使用建议
CronLint appears coherent: it runs entirely locally, scans repository files for scheduling anti-patterns, and uses lefthook to install git hooks if you opt in. Before installing, consider: (1) lefthook install will add/modify git hook configuration in your repo (it can be uninstalled with the provided hooks uninstall command); (2) the Pro/Team features require a license key (CRONLINT_LICENSE_KEY) which the skill will read from the environment or from ~/.openclaw/openclaw.json — only provide keys you trust; (3) an undocumented optional env var (CLAWHUB_JWT_SECRET) may be used locally to verify license signatures if present — you do not need to set it for normal use; (4) the scanner runs grep/regexes across your codebase (skipping common vendor paths) and will exit non-zero on poor scores, which can block commits if you enable hooks. If those behaviours are acceptable, the skill is consistent with its stated purpose.
功能分析
Type: OpenClaw Skill
Name: cronlint
Version: 1.0.1
CronLint is a legitimate static analysis tool for detecting anti-patterns in scheduled tasks and cron jobs. The core logic in `scripts/analyzer.sh` and `scripts/patterns.sh` uses local regex-based scanning to identify risks like overlapping execution and timezone errors without exfiltrating data. The license validation system in `scripts/license.sh` performs offline JWT decoding and field extraction using standard utilities (python3, node, or jq) and explicitly avoids network calls. The skill's integration with `lefthook` for git hooks and its reporting features are consistent with its stated purpose as a developer productivity and code quality tool.
能力标签
能力评估
Purpose & Capability
Name/description match the code and SKILL.md: scripts implement a local, regex-based static analyzer for scheduling anti-patterns. Required binaries (git, bash, python3, jq) and the lefthook brew install are reasonable for scanning code, parsing JSON, and integrating git hooks.
Instruction Scope
SKILL.md instructs the agent to run the provided dispatcher/scan scripts and to use lefthook for git-hook integration. The scripts operate on repository files (with .git, node_modules, and common vendor paths skipped) and do not attempt network calls or data exfiltration. The license flow reads a local config (~/.openclaw/openclaw.json) or env var, which is documented in SKILL.md.
Install Mechanism
Install spec only asks to install the well-known 'lefthook' brew formula to enable git-hook integration. No downloads from arbitrary URLs or extract/execute steps are present.
Credentials
Primary credential is CRONLINT_LICENSE_KEY which matches the described pro/team license flow. The license module also optionally reads ~/.openclaw/openclaw.json (declared in metadata) and will use CLAWHUB_JWT_SECRET if present to verify signatures — CLAWHUB_JWT_SECRET is not documented in SKILL.md but is optional and used only for local JWT verification. No unrelated secrets (AWS, GitHub tokens, etc.) are requested.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The skill can optionally install lefthook git hooks into a repository (writes/updates lefthook.yml and runs lefthook install), which modifies repo configuration — this is expected for a tool that offers pre-commit/pre-push scanning. It does not persistently modify other skills or system-wide agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install cronlint - 安装完成后,直接呼叫该 Skill 的名称或使用
/cronlint触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: declare all deps, JWT verification, configPaths
v1.0.0
Initial release of CronLint: anti-pattern analyzer for scheduled tasks and cron jobs.
- Scans code for scheduling anti-patterns like overlapping execution, timezone errors, missing error recovery, and more.
- Supports 3 tiers: Free (30 patterns), Pro (60 patterns), and Team (90 patterns) with category-based pattern access.
- Provides CLI commands for scanning, reporting, license status, and pattern listing.
- Outputs Markdown, JSON, or HTML reports with grading and remediation guidance.
- 100% local execution; no telemetry or external code transfer.
元数据
常见问题
cronlint 是什么?
Scheduled task & cron job anti-pattern analyzer -- detects overlapping execution risks, timezone scheduling errors, missing error recovery, resource contenti... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 81 次。
如何安装 cronlint?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install cronlint」即可一键安装,无需额外配置。
cronlint 是免费的吗?
是的,cronlint 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
cronlint 支持哪些平台?
cronlint 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。
谁开发了 cronlint?
由 suhteevah(@suhteevah)开发并维护,当前版本 v1.0.1。
推荐 Skills