← 返回 Skills 市场

Devvit Publishing Auditor

Name: Devvit Publishing Auditor
Author: asifdotpy

作者 asifdotpy · GitHub ↗ · v1.0.1

cross-platform ✓ 安全检测通过

1090

总下载

当前安装

版本数

在 OpenClaw 中安装

/install devvit-publishing-auditor

功能描述

Audits Reddit Devvit apps for environment, config, compliance, and documentation to ensure readiness before server upload.

使用说明 (SKILL.md)

Devvit Publishing Auditor\r

\r A specialized auditor for Reddit Devvit developers to verify app readiness before uploading to the Reddit servers. It ensures compliance with Devvit CLI v0.12.x and Reddit’s publishing standards.\r \r

Overview\r

This skill acts as a pre-flight checklist runner. It performs environment checks, dependency validation, configuration audits, and compliance scans for Web View games.\r \r

How to use\r

Drop this folder/skill into your project.\r
Ask your coding agent: "Run the Devvit Publishing Auditor."\r
Follow the Go/No-Go report instructions.\r \r

Included Checks\r

CLI/Env: Version checks, Auth status, and Type integrity.\r
Config: devvit.json validation and permission mapping.\r
Game Compliance: Asset size limits, scroll-trap detection, and launch screen verification.\r
Docs: README and Privacy Policy requirements.

安全使用建议

This skill appears to be what it says: a local pre-publish auditor that runs npx devvit commands, tsc, and scans files in your project. Before granting permission, consider: (1) the agent will run local commands (npx/tsc) which execute code from your environment — ensure you trust the Devvit CLI on your machine; (2) the auditor will read project files (devvit.json, /src, /assets, CSS) — do not allow scans if these folders contain secrets you don't want inspected; (3) the skill suggests advising a global npm update but explicitly warns not to run global installs without your consent — prefer performing installations yourself; (4) the skill metadata lacks a homepage or publisher description (source unknown), so if you require provenance, verify the author or use an audited, official Devvit tool instead.

功能分析

Type: OpenClaw Skill Name: devvit-publishing-auditor Version: 1.0.1 The skill's instructions are clearly aligned with its stated purpose of auditing a Devvit project for publishing. It includes explicit safety rules for the agent, requiring user confirmation for global system modifications or broad directory scans. All requested commands (`npx devvit`, `npx tsc`) and file system access (scanning `devvit.json`, `/src`, `/assets`) are directly relevant to the audit process and do not indicate any intent for data exfiltration, malicious execution, or unauthorized access beyond the project scope.

能力评估

✓ Purpose & Capability

Name and runtime instructions align: the skill is a pre-publish auditor that runs devvit CLI checks, type-checks, and scans project files for compliance. Nothing requested (no env vars, no external services) appears unrelated to that purpose.

✓ Instruction Scope

SKILL.md and instructions.txt limit activity to local project checks (devvit CLI commands, tsc, scanning devvit.json, /src, /assets, and CSS). The instructions explicitly require user permission before running commands or broad directory scans, and they do not instruct exfiltration or contacting unexpected external endpoints.

✓ Install Mechanism

This is an instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. The only commands suggested use npx or user-run npm installs, which is appropriate for this use case.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. The checks it proposes (devvit whoami/version, scanning devvit.json and source) are proportional to auditing a Devvit app.

✓ Persistence & Privilege

The skill does not request permanent presence or elevated agent privileges (always is false). It does not instruct modifying other skills or system-wide config; global installs are explicitly marked as requiring user confirmation.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install devvit-publishing-auditor
安装完成后，直接呼叫该 Skill 的名称或使用 /devvit-publishing-auditor 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.1

Fixed security flag by removing automatic global npm installs and adding user-consent prompts for file scanning.

v1.0.0

Initial release of Devvit Publishing Auditor. - Provides pre-flight auditing for Reddit Devvit app developers. - Checks for compliance with Devvit CLI v0.12.x and Reddit publishing standards. - Validates environment, dependencies, configuration, and game compliance for Web View projects. - Generates a Go/No-Go report to guide app publishing readiness.

元数据

Slug devvit-publishing-auditor

版本 1.0.1

许可证 —

累计安装 1

当前安装数 1

历史版本数 2

常见问题