← 返回 Skills 市场
cyberforexblockchain

NEXUS Code Review

作者 CyberForexBlockchain · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ⚠ suspicious
317
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install nexus-code-review
功能描述
Security, performance, and style analysis for code
安全使用建议
This skill will send whatever code you submit to a third-party service (https://ai-service-hub-15.emergent.host) and requires you to supply a sensitive payment credential (NEXUS_PAYMENT_PROOF). Before installing or enabling it: (1) Do not send sensitive production code, secrets, or credentials to the service unless you trust the provider. (2) Prefer using the documented sandbox mode (X-Payment-Proof: sandbox_test) for initial testing. (3) Avoid storing NEXUS_PAYMENT_PROOF permanently in system-wide env vars; use ephemeral/temporary credentials or an agent-scoped secret you can rotate. (4) Verify the service operator (there is no homepage or source repo in the package) — check TLS certs and independent documentation or reviews at the provider domain. (5) Be cautious about sending signed Stellar XDRs to the sponsor endpoint: do not expose private keys and understand whether the signed envelope could be replayed. (6) If you need to run code reviews on sensitive code, prefer an on‑premise tool or a skill from a known vendor. If you proceed, limit scope, rotate credentials after use, and monitor charges/transactions on the referenced chains.
功能分析
Type: OpenClaw Skill Name: nexus-code-review Version: 1.1.0 The nexus-code-review skill acts as an interface for a third-party AI code review service hosted at ai-service-hub-15.emergent.host. It requires network access to send code snippets for analysis and implements a structured payment workflow using the x402 and MPP protocols for Cardano and Stellar. The skill does not request filesystem or shell permissions, and its instructions are focused entirely on the legitimate operation of the API and payment verification.
能力标签
cryptocan-make-purchases
能力评估
Purpose & Capability
The name/description (code review) match the runtime instructions: the skill forwards code to an external NEXUS service for analysis. Requiring a payment proof credential is consistent with a paid API. However the package has no homepage, no source repo, and an opaque owner ID, which reduces trustworthiness despite the functional alignment.
Instruction Scope
SKILL.md instructs the agent to POST your input (code) to https://ai-service-hub-15.emergent.host and to include payment headers or proof. This stays inside the declared purpose (remote code review) but does transmit potentially sensitive code to a third party. It also instructs users to POST signed Stellar XDRs to a sponsor endpoint—this is payment-related and not part of code analysis, so users should understand what a signed XDR contains before sending it.
Install Mechanism
No install spec and no code files are present (instruction-only). That minimizes local attack surface because nothing is written or executed locally by the skill itself.
Credentials
The skill requires one environment variable, NEXUS_PAYMENT_PROOF, declared as the primary credential. Requesting a single payment proof is proportionate for a paid endpoint, but the var is sensitive (represents payment credentials/authorization). There is no independent verification of the provider; requiring you to persist this credential in your agent environment is a privacy/financial risk if the service is untrusted or compromised.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence or access to other skills or system paths. It declares only network permission (reasonable for a remote API).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install nexus-code-review
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /nexus-code-review 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Added x402 payment protocol (Coinbase/Masumi), multi-chain Cardano + Stellar documentation, 10 protocols
v1.0.0
Initial release - NEXUS AI Service on Cardano
元数据
Slug nexus-code-review
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

NEXUS Code Review 是什么?

Security, performance, and style analysis for code. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 317 次。

如何安装 NEXUS Code Review?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install nexus-code-review」即可一键安装,无需额外配置。

NEXUS Code Review 是免费的吗?

是的,NEXUS Code Review 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

NEXUS Code Review 支持哪些平台?

NEXUS Code Review 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 NEXUS Code Review?

由 CyberForexBlockchain(@cyberforexblockchain)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论