← 返回 Skills 市场

Cuihua Config Validator

Name: Cuihua Config Validator
Author: supermario11

作者 supermario11 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

130

总下载

当前安装

版本数

在 OpenClaw 中安装

/install cuihua-config-validator

功能描述

AI-powered configuration validator. Automatically validate JSON/YAML configs, detect conflicts, and suggest best practices.

使用说明 (SKILL.md)

cuihua-config-validator ⚙️

Validate configs with AI-powered insights

Features

JSON/YAML validation
Environment variable checks
Conflict detection
Best practices

Quick Start

"Validate package.json" "Check .env file"

Install

```bash clawhub install cuihua-config-validator ```

MIT | 🌸 Cuihua

What It Does

Validates configuration files and catches common mistakes:

JSON Validation

Syntax errors
Missing commas
Trailing commas
Invalid escape sequences

Environment Variables

Missing required vars
Typos in variable names
Unused variables
Security risks (hardcoded secrets)

Best Practices

Naming conventions
Structure recommendations
Performance tips
Security guidelines

Examples

Input:

{
  "name": "my-app"
  "version": "1.0.0"
}

Output:

❌ Syntax error (line 2): Missing comma after "my-app"

Fix:

{
  "name": "my-app",
  "version": "1.0.0"
}

Supported Formats

package.json
tsconfig.json
.env files
docker-compose.yml
Custom JSON/YAML

Full docs: https://clawhub.ai/skills/cuihua-config-validator

安全使用建议

This skill over-promises: its docs claim many AI-driven checks, but the included code only does a basic JSON syntax check. Before installing or using it, ask the author for the missing implementation or a source/homepage; review or run the validator.js locally in a sandbox to confirm behavior; do not rely on it to validate YAML, .env files, or provide security recommendations until those features are actually implemented and auditable. If you need the advertised capabilities now, prefer a well-known tool or library that explicitly implements YAML parsing and secret scanning.

功能分析

Type: OpenClaw Skill Name: cuihua-config-validator Version: 1.0.0 The skill bundle provides a basic JSON validation tool as described. The implementation in validator.js is a straightforward Node.js script that reads local files and performs standard JSON parsing without any network access, shell execution, or data exfiltration logic. While the documentation in SKILL.md claims features like YAML support that are not present in the current code, there are no indicators of malicious intent or security vulnerabilities.

能力评估

⚠ Purpose & Capability

SKILL.md advertises JSON/YAML validation, environment-variable analysis, conflict detection, and best-practice suggestions, but the only shipped code (validator.js) performs a single JSON.parse on one file and prints validity. YAML parsing, .env analysis, conflict detection, and recommendations are not implemented. Requiring only node is coherent, but the feature listing is disproportionate to the actual implementation.

ℹ Instruction Scope

The runtime instructions describe scanning package.json, .env, docker-compose.yml, and custom YAML/JSON formats. The instructions themselves do not instruct any broad or sensitive actions (no network calls, no reading of arbitrary system state beyond files the user asks to validate). However, because the implementation doesn't match the documented scope, the agent might claim capabilities it cannot actually perform — that mismatch is the main concern.

✓ Install Mechanism

No install spec is provided and the skill is instruction+small script only; required binary 'node' is appropriate for the provided validator.js. No remote downloads or archive extraction are present.

✓ Credentials

The skill requests no environment variables or credentials, which is appropriate given the declared purpose. The SKILL.md mentions analyzing environment variables (e.g., .env files) but does not request secrets or elevated access — that analysis would be file-based and is not implemented in the code.

✓ Persistence & Privilege

The skill does not request persistent presence (always: false) and does not modify other skills or system-wide configuration. Autonomous invocation is allowed (default) but is not combined with other concerning privileges or credential access.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install cuihua-config-validator
安装完成后，直接呼叫该 Skill 的名称或使用 /cuihua-config-validator 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

⚙️ AI-powered config validation for JSON, YAML, .env files

元数据

Slug cuihua-config-validator

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题