← 返回 Skills 市场
athola

Nm Pensive Tiered Audit

作者 athola · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
79
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install nm-pensive-tiered-audit
功能描述
Audit a codebase using three escalation tiers: git history analysis, targeted deep-dives, and full codebase review with gating
安全使用建议
This skill appears coherent with its stated purpose, but check a few practical things before installing: (1) Confirm you are comfortable with the agent running git commands and reading repository files (it will read flagged source files and some plugin/skill metadata like CLAUDE.md). (2) Review what 'night-market.imbue:proof-of-work' config means in your environment — ensure it doesn't contain secrets you don't want an agent to access. (3) Be aware the skill writes findings to .coordination/agents/*.findings.md — verify your workflow for handling those artifacts (they should not be auto-committed/published unless you intend it). (4) Tier 3 requires explicit user approval; keep that guard enabled if you want to avoid full-codebase audits without confirmation.
功能分析
Type: OpenClaw Skill Name: nm-pensive-tiered-audit Version: 1.0.0 The skill bundle implements a structured, three-tier codebase audit process (git history, targeted deep-dives, and full review). It uses standard, read-only git commands (e.g., `git log`, `git diff`) to identify churn hotspots and instability patterns, and it includes a mandatory user-approval gate before escalating to the most resource-intensive tier. No evidence of data exfiltration, malicious execution, or prompt injection was found; the logic is entirely consistent with its stated purpose of code quality assessment.
能力评估
Purpose & Capability
The name/description (tiered audit) match the runtime instructions: Tier 1 runs git history commands, Tier 2 reads flagged source files, Tier 3 is gated for full codebase review. The only declared requirement (night-market.imbue:proof-of-work) is referenced by the SKILL.md (output contracts / imbue modules), so it appears relevant.
Instruction Scope
Instructions explicitly run git commands, read source files in flagged areas, and write findings into .coordination/agents/*.findings.md — all expected for an audit. The doc instructs the agent to 'Load area context from plugin CLAUDE.md and skill descriptions,' which could cause the agent to open other plugin/skill metadata files in the repository; this is coherent for context-gathering but worth noting as broader file access within the repo.
Install Mechanism
There is no install spec and no code files. This is instruction-only, so nothing is downloaded or written by an installer. Risk from installs is low.
Credentials
The skill requests no environment variables or external credentials. It does declare a required config path (night-market.imbue:proof-of-work) which is referenced in the documents; this appears proportionate to the output-contract / gating mechanisms and not excessive.
Persistence & Privilege
The skill writes findings files into .coordination/agents/*.findings.md within the repository. It does not request always:true or system-wide privileges. Ensure you are comfortable with the agent creating/writing those files in your repo and that the agent is not set to auto-commit or publish these files without review.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install nm-pensive-tiered-audit
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /nm-pensive-tiered-audit 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the tiered-audit skill for codebase auditing. - Implements a three-tier process: Git history analysis (Tier 1), targeted deep-dives (Tier 2), and full codebase review with gating (Tier 3). - Designed for escalation based on codebase risk, starting with git analysis and escalating only if needed. - Output contract and evidence requirements defined for each tier, with file-based coordination of findings. - Not intended for individual file reviews or architecture-only audits; see documentation for alternatives.
元数据
Slug nm-pensive-tiered-audit
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Nm Pensive Tiered Audit 是什么?

Audit a codebase using three escalation tiers: git history analysis, targeted deep-dives, and full codebase review with gating. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 79 次。

如何安装 Nm Pensive Tiered Audit?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install nm-pensive-tiered-audit」即可一键安装,无需额外配置。

Nm Pensive Tiered Audit 是免费的吗?

是的,Nm Pensive Tiered Audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Nm Pensive Tiered Audit 支持哪些平台?

Nm Pensive Tiered Audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Nm Pensive Tiered Audit?

由 athola(@athola)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 留言讨论