← 返回 Skills 市场
84
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install jar-conflict-detector
功能描述
This skill should be used when the user needs to detect JAR package conflicts, version inconsistencies, or known incompatible dependency pairs in a Spring Bo...
使用说明 (SKILL.md)
\r \r
JAR 包冲突检测 Skill — Spring Boot 微服务\r
\r
目的\r
\r To detect version conflicts, known incompatible dependency pairs, and duplicate JARs\r in Spring Boot microservice projects (Maven or Gradle), and produce an actionable\r conflict report with resolution suggestions.\r \r
触发场景\r
\r Use this skill when the user:\r
- Reports runtime errors such as
NoSuchMethodError,ClassNotFoundException,LinkageError\r - Asks to check or analyze JAR conflicts, version convergence, or dependency tree issues\r
- Is upgrading Spring Boot (e.g., 2.x → 3.x) and needs conflict validation\r
- Wants a dependency health check before CI/CD deployment\r
- Mentions Spring Cloud + Spring Boot version mismatch\r \r
工作流程\r
\r
Step 1 — 确认项目目录和构建工具\r
\r Ask the user for (or infer from context):\r
- Project root directory — path to the Maven/Gradle project (containing
pom.xmlorbuild.gradle)\r - Build tool — auto-detected if not specified (
maven|gradle|auto)\r - Report format —
html(default, visual) |txt|json(for CI)\r - Severity level —
all(default) |warn|error\r \r For multi-module projects, always point to the parent/root directory so all sub-modules are scanned.\r \r
Step 2 — 运行检测脚本\r
\r Run the bundled detection script:\r \r
python scripts/detect_conflicts.py \\r
--project-dir \x3C用户项目路径> \\r
--output conflict-report.html \\r
--mode auto \\r
--level all\r
```\r
\r
**Script capabilities:**\r
- Runs `mvn dependency:tree` (Maven) or `gradle dependencies` (Gradle) to get the full resolved dependency tree\r
- Falls back to static `pom.xml` parsing if Maven/Gradle CLI is unavailable\r
- Detects **version conflicts**: same `groupId:artifactId`, different versions across modules\r
- Detects **known incompatible pairs**: e.g., Spring Boot 3.x + Spring 5.x, dual SLF4J bindings\r
- Generates reports in HTML / TXT / JSON format\r
\r
**Output files:**\r
- `conflict-report.html` — visual HTML report (default, recommended)\r
- `conflict-report.txt` — plain text for terminal review\r
- `conflict-report.json` — machine-readable for CI integration\r
\r
### Step 3 — 解读结果并给出建议\r
\r
After scanning, present results clearly:\r
\r
1. **总结** — X 个 ERROR,Y 个 WARN,依赖总数\r
2. **逐条解读** — 对每个 ERROR 级冲突说明原因和影响\r
3. **给出修复方案** — 参考 `references/conflict_patterns.md` 提供具体 POM/Gradle 修改示例\r
\r
For resolution guidance, load `references/conflict_patterns.md` which contains:\r
- Common conflict patterns and fixes\r
- Spring Boot / Spring Cloud / Hibernate version compatibility matrix\r
- SLF4J binding conflict resolution\r
- javax → jakarta migration guide\r
- Maven Enforcer plugin setup for CI enforcement\r
\r
### Step 4 — 可选:生成修复建议 POM 片段\r
\r
If the user wants specific fixes, generate the corresponding `dependencyManagement`\r
XML snippet or Gradle `resolutionStrategy` block inline in the reply.\r
\r
## 输出格式指南\r
\r
- **HTML 报告** — 默认推荐,适合人工审查,call `preview_url` or `open_result_view`\r
- **JSON 报告** — 适合 CI pipeline 解析,结合 `jq` 过滤 ERROR 级别\r
- **TXT 报告** — 适合终端快速查看\r
\r
## 注意事项\r
\r
- If `mvn`/`gradle` is not available on PATH, the script falls back to static POM parsing\r
(less accurate — transitive dependencies won't be resolved). Inform the user.\r
- For **Spring Boot 3.x migration**, always check for `javax.*` → `jakarta.*` conflicts.\r
- For **multi-module projects**, run from the **root directory** with the parent `pom.xml`.\r
- Script exit code: `0` = no ERROR conflicts; `1` = at least one ERROR found (useful for CI gates).\r
- All Python stdlib only — no pip install required.\r
安全使用建议
This skill appears to do what it claims, but before running it consider: 1) Running mvn/gradle in a project can execute build scripts, plugins, init scripts, and may run arbitrary code from the repository — only run it on trusted projects or inside an isolated sandbox/container and a non-privileged account. 2) Build tools may download artifacts from the network; if you need a zero-network audit, prefer the static POM parsing fallback. 3) Inspect scripts/detect_conflicts.py yourself (it is included) to confirm there are no unexpected behaviors. 4) If you are automating in CI, use the script's exit codes and JSON output, but ensure the CI runner environment is appropriately sandboxed. 5) The SKILL.md mentions preview functions not implemented by the script — expect to open report files manually.
功能分析
Type: OpenClaw Skill
Name: jar-conflict-detector
Version: 1.0.0
The skill is a legitimate utility designed to analyze Java dependency conflicts in Maven and Gradle projects. It operates by parsing build files and executing standard commands like 'mvn dependency:tree' via the subprocess module in 'scripts/detect_conflicts.py'. There is no evidence of data exfiltration, malicious persistence, or harmful prompt injection; the instructions in 'SKILL.md' and the logic in the Python script are strictly aligned with the stated purpose of project health checks.
能力评估
Purpose & Capability
Name/description (JAR conflict detection for Maven/Gradle Spring Boot projects) matches the provided code and instructions: the script parses pom.xml, can invoke mvn dependency:tree or gradle dependencies, and uses a local references file for known incompatibilities and fixes.
Instruction Scope
Runtime instructions explicitly tell the agent to run the bundled Python script which in turn will invoke mvn/gradle in the user's project directory. Running mvn/gradle (even for dependency queries) can execute project build logic, init scripts, plugins, and may download remote artifacts — this is expected for the task but is a notable execution and network risk if run against untrusted code. Also SKILL.md suggests UI actions like 'preview_url' or 'open_result_view' which are not implemented in the script (minor mismatch). The script does provide a static POM parsing fallback, which reduces risk if chosen.
Install Mechanism
No install spec — instruction-only plus a bundled Python script that uses only the Python standard library. Nothing is downloaded from external URLs by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. The code runs mvn/gradle from the provided project directory but does not attempt to read unrelated system files or environment secrets.
Persistence & Privilege
Skill is not always-enabled, does not request elevated or persistent platform privileges, and does not modify other skills or agent-wide configuration. Autonomous invocation remains possible (platform default) but is not combined with additional privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install jar-conflict-detector - 安装完成后,直接呼叫该 Skill 的名称或使用
/jar-conflict-detector触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
This skill should be used when the user needs to detect JAR package conflicts,
version inconsistencies, or known incompatible dependency pairs in a Spring Boot
microservices project. Trigger phrases include: "检测 jar 包冲突", "依赖冲突分析",
"dependency conflict", "jar 版本冲突", "pom 依赖检查", "排查 NoSuchMethodError",
"Spring Boot 升级冲突", or any request involving Maven/Gradle dependency resolution
issues in a Java/Spring Boot project.
元数据
常见问题
jar冲突检测器 是什么?
This skill should be used when the user needs to detect JAR package conflicts, version inconsistencies, or known incompatible dependency pairs in a Spring Bo... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 84 次。
如何安装 jar冲突检测器?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install jar-conflict-detector」即可一键安装,无需额外配置。
jar冲突检测器 是免费的吗?
是的,jar冲突检测器 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
jar冲突检测器 支持哪些平台?
jar冲突检测器 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 jar冲突检测器?
由 yssNB(@yssnb)开发并维护,当前版本 v1.0.0。
推荐 Skills