← 返回 Skills 市场
97
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install errorlens
功能描述
Error handling & exception safety analyzer -- scans codebases for empty catches, swallowed exceptions, missing error boundaries, unhandled rejections, generi...
使用说明 (SKILL.md)
\r \r
ErrorLens -- Error Handling & Exception Safety Analyzer\r
\r ErrorLens scans codebases for dangerous error handling patterns: empty catch blocks, swallowed exceptions, missing error boundaries, unhandled promise rejections, generic error types, missing finally blocks, bare except clauses, error message information leaks, unchecked error returns, and missing error propagation. Covers JS/TS, Python, Java, Go, Rust, and C#. Uses regex-based pattern matching against 90+ error handling anti-patterns, lefthook for git hook integration, and produces markdown reports with actionable remediation recommendations. 100% local. Zero telemetry.\r \r
Commands\r
\r
Free Tier (No license required)\r
\r
errorlens scan [file|directory]\r
One-shot error handling scan of files or directories.\r \r How to execute:\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" scan [target]\r
```\r
\r
**What it does:**\r
1. Accepts a file path or directory (defaults to current directory)\r
2. Discovers all source files (skips .git, node_modules, binaries, images, .min.js)\r
3. Runs 90+ error handling pattern checks against each file\r
4. Respects .gitignore and allowlist files\r
5. Calculates an error safety score (0-100) per file and overall\r
6. Grades: A (90-100), B (80-89), C (70-79), D (60-69), F (\x3C60)\r
7. Outputs findings with: file, line number, check ID, severity, description, recommendation\r
8. Exit code 0 if score >= 70, exit code 1 if too many issues found\r
9. Free tier limited to 5 files per scan\r
\r
**Example usage scenarios:**\r
- "Scan my code for error handling issues" -> runs `errorlens scan .`\r
- "Check this file for empty catch blocks" -> runs `errorlens scan src/api.ts`\r
- "Find swallowed exceptions in my project" -> runs `errorlens scan src/`\r
- "Are there unsafe error patterns in my code?" -> runs `errorlens scan .`\r
- "Check for missing error boundaries" -> runs `errorlens scan .`\r
\r
#### `errorlens hook`\r
Install git pre-commit hooks that scan staged files for error handling issues before every commit.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" hook install\r
```\r
\r
**What it does:**\r
1. Copies lefthook config to project root\r
2. Installs lefthook pre-commit hook\r
3. On every commit: scans all staged files for error handling issues, blocks commit if critical/high findings, shows remediation advice\r
\r
#### `errorlens report [directory]`\r
Generate a markdown error handling report with findings, severity breakdown, and remediation steps.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" report [directory]\r
```\r
\r
**What it does:**\r
1. Runs full scan of the directory\r
2. Generates a formatted markdown report from template\r
3. Includes per-file breakdowns, error safety scores, remediation priority\r
4. Output suitable for code reviews and quality audits\r
\r
### Pro Tier ($19/user/month -- requires ERRORLENS_LICENSE_KEY)\r
\r
#### `errorlens watch [directory]`\r
Continuous monitoring mode that watches for file changes and re-scans automatically.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" watch [directory]\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Watches directory for file modifications\r
3. Re-scans changed files automatically on save\r
4. Displays live error handling score updates\r
5. Useful for development-time feedback\r
\r
#### `errorlens ci [directory]`\r
CI/CD integration mode with strict exit codes and machine-readable output.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" ci [directory]\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Runs full scan with no file limit\r
3. Outputs findings in CI-friendly format\r
4. Exit code 0 = pass (score >= 70), 1 = fail\r
5. Supports severity threshold configuration\r
6. Suitable for GitHub Actions, GitLab CI, Jenkins, etc.\r
\r
### Team Tier ($39/user/month -- requires ERRORLENS_LICENSE_KEY with team tier)\r
\r
#### `errorlens team-report [directory]`\r
Aggregate team-level error handling metrics and trends.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" team-report [directory]\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Scans entire directory with full pattern set\r
3. Generates aggregate metrics per category (EC, SE, EB, GE, RP, IL)\r
4. Shows per-directory breakdown for team ownership analysis\r
5. Includes trend data if previous baselines exist\r
6. Reports team-wide error handling maturity score\r
\r
#### `errorlens baseline [directory]`\r
Establish a baseline of known error handling issues for incremental improvement tracking.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" baseline [directory]\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Scans directory and records all current findings as baseline\r
3. Saves baseline to .errorlens-baseline.json\r
4. Future scans only report NEW issues not in the baseline\r
5. Useful for legacy codebases with known accepted patterns\r
6. Enables incremental error handling improvement tracking\r
\r
#### `errorlens status`\r
Show license and configuration information.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/errorlens.sh" status\r
```\r
\r
## Detected Error Handling Patterns\r
\r
ErrorLens detects 90+ error handling anti-patterns across 6 categories:\r
\r
| Category | Examples | Severity |\r
|----------|----------|----------|\r
| **Empty Catches (EC)** | Empty catch blocks in JS/TS/Java/C#/Python, catch with only comments, catch with only pass, catch-all without logging | Critical/High |\r
| **Swallowed Exceptions (SE)** | Catch blocks that don't rethrow/log, exception variable unused, catch that returns null/undefined/false silently, ignored error callbacks | Critical/High |\r
| **Error Boundaries (EB)** | Missing React error boundaries, missing Express error middleware, missing global handlers, unhandled promise rejections, window.onerror | High/Medium |\r
| **Generic Errors (GE)** | Throwing generic Error/Exception, bare except in Python, catching Throwable in Java, catching Object in TS, overly broad error types | High/Medium |\r
| **Resource & Propagation (RP)** | Missing finally for resource cleanup, unchecked error returns in Go, missing error propagation (? in Rust), ignored Result types, missing defer/close | High/Medium |\r
| **Information Leak (IL)** | Stack traces in HTTP responses, error.message in API responses, console.error with sensitive data, verbose errors in production, raw exception details to users | High/Medium |\r
\r
## Configuration\r
\r
Users can configure ErrorLens in `~/.openclaw/openclaw.json`:\r
\r
```json\r
{\r
"skills": {\r
"entries": {\r
"errorlens": {\r
"enabled": true,\r
"apiKey": "YOUR_LICENSE_KEY_HERE",\r
"config": {\r
"severityThreshold": "high",\r
"ignorePatterns": ["**/test/**", "**/fixtures/**", "**/*.test.*"],\r
"ignoreChecks": [],\r
"allowlistFile": ".errorlens-allowlist",\r
"reportFormat": "markdown"\r
}\r
}\r
}\r
}\r
}\r
```\r
\r
## Important Notes\r
\r
- **Free tier** works immediately with no configuration\r
- **All scanning happens locally** -- no code is sent to external servers\r
- **License validation is offline** -- no phone-home or network calls\r
- Pattern matching only -- no AST parsing, no external dependencies beyond bash\r
- Supports scanning all file types in a single pass\r
- Git hooks use **lefthook** which must be installed (see install metadata above)\r
- Exit codes: 0 = clean (score >= 70), 1 = issues detected (for CI/CD integration)\r
\r
## Error Handling\r
\r
- If lefthook is not installed and user tries `hook install`, prompt to install it\r
- If license key is invalid or expired, show clear message with link to https://errorlens.pages.dev/renew\r
- If a file is binary, skip it automatically with no warning\r
- If no scannable files found in target, report clean scan with info message\r
- If .errorlens-allowlist is missing, skip allowlist filtering gracefully\r
\r
## When to Use ErrorLens\r
\r
The user might say things like:\r
- "Scan my code for error handling issues"\r
- "Find empty catch blocks in my project"\r
- "Check for swallowed exceptions"\r
- "Are there missing error boundaries?"\r
- "Scan for unsafe error patterns"\r
- "Find unhandled promise rejections"\r
- "Check if my error handling is correct"\r
- "Detect bare except clauses"\r
- "Run an error handling audit"\r
- "Set up pre-commit hooks for error handling"\r
- "Generate an error handling report"\r
- "Find catch blocks that don't rethrow"\r
- "Check for generic error types"\r
- "Scan for information leaks in error messages"\r
- "Audit my code for exception safety"\r
- "Find missing finally blocks"\r
- "Check for unchecked error returns in Go"\r
- "Baseline existing error handling issues"\r
安全使用建议
This skill appears to do what it claims: a local, regex-based error-handling scanner with optional pre-commit hooks and license-gated features. Before installing or enabling hooks you should: (1) inspect the shipped scripts (patterns.sh, analyzer.sh, license.sh) — hooks will execute those scripts on every commit; (2) keep your license key in the environment or ~/.openclaw/openclaw.json as described and only provide a key intended for ErrorLens; (3) ensure you trust the lefthook tool (brew install lefthook) and verify any appended lefthook.yml changes in your repo. Nothing in the code attempts network exfiltration, but installing the pre-commit hook gives the skill's code execution on commits, so enable hooks only for repositories you trust.
功能分析
Type: OpenClaw Skill
Name: errorlens
Version: 1.0.1
ErrorLens is a static analysis tool designed to identify error handling anti-patterns (e.g., empty catches, swallowed exceptions, information leaks) across multiple programming languages. The skill bundle consists of shell scripts (analyzer.sh, errorlens.sh) that perform local regex-based scanning using a comprehensive set of patterns defined in patterns.sh. It includes legitimate features such as git hook integration via lefthook and markdown report generation. The license validation logic in license.sh is performed offline via JWT decoding, and there is no evidence of data exfiltration, telemetry, or malicious execution.
能力标签
能力评估
Purpose & Capability
Name, description, and included scripts implement a local regex-based error-handling scanner, pre-commit hook integration (lefthook), reporting, watch/CI/team modes gated behind a license key. Required binaries (git, bash, python3, jq) and the brew lefthook install are proportionate to the described functionality.
Instruction Scope
Runtime instructions source and execute the shipped bash scripts (patterns.sh, analyzer.sh, license.sh). The pre-commit hook installs run those local scripts from $HOME/.openclaw/skills/errorlens or project lefthook.yml; thus commits will execute code from the skill directory. The analyzer reads ~/.openclaw/openclaw.json (to find a configured license key) and optional .errorlens-allowlist/.errorlens-baseline files in the repo. There are no network calls or external endpoints in the scripts; however, installing the hook grants the skill's code the ability to run on every git commit, so you must trust the shipped scripts before enabling hooks.
Install Mechanism
Install spec uses a single brew formula (lefthook), which is a known git-hook manager. No downloads from untrusted URLs or archive extraction are present. The skill's own files are supplied in the bundle (scripts, patterns, config).
Credentials
The only credential surface is ERRORLENS_LICENSE_KEY (primaryEnv) used to enable Pro/Team features; that is consistent with the pro/team features described. The license module reads the key from the environment or from ~/.openclaw/openclaw.json; it does not attempt to read unrelated secrets. An optional CLAWHUB_JWT_SECRET is only used to verify JWT signatures if present — not required for normal operation.
Persistence & Privilege
always:false and user-invocable:true (normal). Installing hooks writes/edits lefthook.yml in the repository and calls lefthook install; the skill does not request permanent platform-wide privileges beyond adding hooks to repos the user chooses. Because hooks execute the skill's scripts on commit, installing hooks grants those scripts execution on future commits — review the code before enabling hooks.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install errorlens - 安装完成后,直接呼叫该 Skill 的名称或使用
/errorlens触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: declare all deps, JWT verification, configPaths
v1.0.0
Initial release of ErrorLens – Error handling & exception safety analyzer
- Scans codebases for empty catches, swallowed exceptions, missing error boundaries, unhandled rejections, generic error types, and unsafe error patterns across JS/TS, Python, Java, Go, Rust, and C#.
- Detects 90+ error handling anti-patterns using regex-based pattern matching.
- Integrates with git via pre-commit hooks (lefthook) and produces actionable markdown reports.
- Offers free, Pro, and Team tiers, with CLI commands for scanning, reporting, CI integration, baseline establishment, and team metrics.
- 100% local scanning with zero telemetry; all code analysis happens offline.
元数据
常见问题
errorlens 是什么?
Error handling & exception safety analyzer -- scans codebases for empty catches, swallowed exceptions, missing error boundaries, unhandled rejections, generi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 97 次。
如何安装 errorlens?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install errorlens」即可一键安装,无需额外配置。
errorlens 是免费的吗?
是的,errorlens 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
errorlens 支持哪些平台?
errorlens 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。
谁开发了 errorlens?
由 suhteevah(@suhteevah)开发并维护,当前版本 v1.0.1。
推荐 Skills