← 返回 Skills 市场
53
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install cxz9909-code-assistant
功能描述
Asistente de programación especializado. Analiza código, encuentra bugs, sugiere optimizaciones, refactoriza y genera documentación automáticamente.
使用说明 (SKILL.md)
Code Assistant (Asistente de Programación Pro)
Una super-habilidad para desarrolladores. Va más allá de escribir código: analiza, depura, optimiza, refactoriza y documenta.
Capacidades
┌─────────────────────────────────────────────────────┐
│ CODE ASSISTANT │
├─────────────────────────────────────────────────────┤
│ 🔍 Análisis │ Encuentra bugs y code smells │
│ ⚡ Optimización │ Mejora rendimiento y eficiencia │
│ 🔄 Refactor │ Limpia y estructura código │
│ 📝 Documenta │ Genera docstrings y README │
│ 🧪 Tests │ Crea tests unitarios │
│ 🔐 Seguridad │ Detecta vulnerabilidades │
└─────────────────────────────────────────────────────┘
Comandos
Análisis de Código
# Analizar un archivo
code analyze src/utils.ts
# Analizar un directorio
code analyze src/ --depth:2
# Buscar bugs específicos
code bugs src/api/
code find-bugs src/
# Revisar complejidad
code complexity src/heavy-function.ts
Optimización
# Sugerir optimizaciones
code optimize src/slow-algorithm.py
# Optimizar queries SQL
code optimize-sql queries/
# Reducir bundle size
code optimize-bundle src/
Refactorización
# Refactorizar archivo
code refactor src/legacy-code.js
# Aplicar convenciones (PEP8, ESLint rules)
code format src/ --style:pep8
# Extraer función
code extract-function src/long-file.ts --lines:45-80
Documentación
# Generar docstrings
code document src/api/
# Crear README
code readme src/my-project/
# Generar changelog
code changelog --since:v1.0.0
Tests
# Generar tests unitarios
code test-gen src/calculator.ts
# Sugerir edge cases
code edge-cases src/validator.py
Ejemplo de Uso
Usuario: code analyze src/users/auth.ts
Bot: 🔍 Análisis de: src/users/auth.ts
📊 Métricas:
├── Líneas: 245
├── Funciones: 12
├── Complejidad ciclomática: 18 ⚠️ (alta)
└── Cobertura de docs: 30% ⚠️
🐛 Bugs Potenciales (2):
1. Línea 67: Race condition
```typescript
// ❌ Problema
if (user) {
await saveUser(user); // user puede cambiar entre check y save
}
```
💡 Solución: Usar transacción o lock
2. Línea 142: SQL Injection
```typescript
// ❌ Problema
query(`SELECT * FROM users WHERE id = ${userId}`)
```
💡 Solución: Usar parámetros preparados
⚡ Optimizaciones Sugeridas (3):
1. Línea 89: Usar Map en lugar de Object para lookups frecuentes
2. Línea 156: Memoizar resultado de getPermissions()
3. Línea 201: Lazy loading para módulo crypto
🔄 Refactorizaciones Sugeridas:
1. Extraer validateToken() a módulo separado
2. Aplicar patrón Repository para queries
¿Ejecutar alguna acción? [Documentar] [Refactorizar] [Generar Tests]
Lenguajes Soportados
| Lenguaje | Análisis | Docs | Tests |
|---|---|---|---|
| TypeScript/JavaScript | ✅ | ✅ | ✅ |
| Python | ✅ | ✅ | ✅ |
| Go | ✅ | ✅ | ✅ |
| Rust | ✅ | ✅ | ⚠️ |
| Java | ✅ | ✅ | ✅ |
| C/C++ | ⚠️ | ⚠️ | ⚠️ |
Integración con Coding Agents
Puede delegar tareas complejas a Codex, Claude Code o Pi:
# Usar Codex para refactorizar
code refactor src/legacy.ts --agent:codex
# Usar Claude para documentar
code document src/ --agent:claude
Configuración
| Variable | Descripción | Default |
|---|---|---|
CODE_DEFAULT_STYLE |
Estilo de código | auto |
CODE_MAX_COMPLEXITY |
Umbral de complejidad | 15 |
CODE_AUTO_FIX |
Aplicar fixes automáticamente | false |
CODE_IGNORE_PATTERNS |
Patrones a ignorar | node_modules,dist |
Reglas de Análisis
El asistente detecta:
- Security: SQL injection, XSS, path traversal, hardcoded secrets
- Performance: N+1 queries, loops ineficientes, memory leaks
- Style: Nombres inconsistentes, funciones largas, código muerto
- Logic: Null checks faltantes, race conditions, off-by-one errors
Integración
- self-repair: Los bugs encontrados pueden auto-corregirse
- knowledge-base: Busca en documentación indexada
- expert-researcher: Investiga mejores prácticas
安全使用建议
What to consider before installing:
- Mismatch between claims and code: SKILL.md promises many features (refactor, optimization, agent delegation, self-repair) that are not implemented in scripts/analyzer.ts. Ask the publisher for the full implementation or an explanation of how the extra features are provided.
- Runtime requirements missing: The included file is TypeScript with a node shebang but there is no install/build step or declared required binary (node/ts-node). Confirm how you should run it and whether a compiled JS binary or package.json is provided.
- Metadata inconsistency: The _meta.json ownerId differs from the registry Owner ID and the Source is 'unknown'. Confirm author identity and provenance before trusting or running the skill.
- No obvious network exfiltration: The analyzer script shown performs only local file reads and static pattern checks; there are no network calls or secret access in the provided code snippet. Still, because some features mentioned would normally require external services (Codex/Claude/Pi/knowledge-base), verify where those calls would occur and whether credentials/endpoints are safe.
- Safe deployment steps: If you still want to try it, run it in a sandboxed environment (container or VM), inspect the complete source (ensure the analyzer.ts file is intact and not truncated), and require the author to provide build/usage instructions and a signed/official package release. Refuse to run code from this skill in sensitive environments until provenance and full implementation are confirmed.
功能分析
Type: OpenClaw Skill
Name: cxz9909-code-assistant
Version: 1.0.0
The code-assistant skill is a legitimate static analysis tool designed to help developers identify common bugs, security vulnerabilities (like SQL injection and hardcoded secrets), and performance issues. The implementation in `scripts/analyzer.ts` uses standard Node.js file system modules and regular expressions to scan source code without any evidence of data exfiltration, unauthorized network access, or malicious execution.
能力标签
能力评估
Purpose & Capability
The SKILL.md advertises a full-featured 'Code Assistant' (analysis, optimization, refactor, tests, security, integrations with Codex/Claude/Pi, self-repair, knowledge-base, etc.). The included scripts/analyzer.ts implements a local static analyzer, doc generator, and CLI analyze functionality only. Many advertised commands (optimize-sql, optimize-bundle, refactor, test-gen, agent delegations) are not implemented in the provided code. This is an overpromise/incoherence between claimed capabilities and actual delivered code.
Instruction Scope
SKILL.md instructs running a variety of CLI commands and suggests delegating to external coding agents and a knowledge-base, but it provides no concrete wiring, endpoints, or credentials for those integrations. The runtime instructions do advise reading project files (expected), but they are vague about how 'self-repair' or remote agent delegation works. That vagueness grants broad discretion without implementation details.
Install Mechanism
There is no install spec. The bundle contains a TypeScript script (scripts/analyzer.ts) with a node shebang, but the skill metadata does not declare any required binary (node, ts-node, or a build step). Running this code as-is would likely fail without additional runtime setup. The absence of an install/build step is an operational mismatch and increases risk of accidental misconfiguration.
Credentials
The skill does not require secrets or credentials. SKILL.md documents optional config env vars (CODE_MAX_COMPLEXITY, CODE_AUTO_FIX, etc.) and the analyzer.ts reads some of these, which is proportionate. No sensitive environment variables are requested. This is OK, but the SKILL.md lists features (agent integrations) that would normally require credentials — those are not declared, which is another inconsistency.
Persistence & Privilege
The skill does not request persistent/autonomous privileges (always: false). It does not declare modifications to other skills or system-wide settings. No privilege escalation indicators were found in the provided files.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install cxz9909-code-assistant - 安装完成后,直接呼叫该 Skill 的名称或使用
/cxz9909-code-assistant触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Code Assistant (Asistente de Programación Pro):
- Analiza código fuente para encontrar bugs, optimizaciones y sugerencias de refactorización.
- Genera y mejora documentación automáticamente, incluyendo docstrings y README.
- Crea tests unitarios y sugiere casos extremos de prueba.
- Incluye comandos detallados para análisis, optimización, refactorización, documentación y testing.
- Soporta múltiples lenguajes: TypeScript, JavaScript, Python, Go, Rust, Java y C/C++.
- Permite integración con agentes externos (Codex, Claude, Pi) para delegar tareas complejas.
- Ofrece opciones de configuración avanzadas y puede autocorregir errores encontrados.
元数据
常见问题
Cxz9909 Code Assistant 是什么?
Asistente de programación especializado. Analiza código, encuentra bugs, sugiere optimizaciones, refactoriza y genera documentación automáticamente. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 53 次。
如何安装 Cxz9909 Code Assistant?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install cxz9909-code-assistant」即可一键安装,无需额外配置。
Cxz9909 Code Assistant 是免费的吗?
是的,Cxz9909 Code Assistant 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Cxz9909 Code Assistant 支持哪些平台?
Cxz9909 Code Assistant 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Cxz9909 Code Assistant?
由 cxz9909(@cxz9909)开发并维护,当前版本 v1.0.0。
推荐 Skills