← 返回 Skills 市场
python-code-analyz
作者
sujian0606-cpu
· GitHub ↗
· v1.0.0
· MIT-0
118
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install python-code-analyz
功能描述
专业Python代码分析与优化,支持语法检查、安全扫描、性能评估、复杂度分析及重构后的优化代码生成。
安全使用建议
This skill appears coherent with its stated purpose (static Python analysis and auto-refactoring) and doesn't ask for credentials or download code from arbitrary URLs. Before installing or running: 1) Inspect the remaining parts of analyzer.py (the provided snippet was truncated) to confirm there are no hidden network calls or file exfiltration; 2) Run the tool in a sandboxed environment or container first; 3) Do not run publish.sh unless you intend to publish and have the ClawHub CLI and account — it requires a logged-in user and will call clawhub publish; 4) Treat example code that includes hardcoded API keys as purely illustrative and never copy such secrets into real projects. If you want, I can fully scan the remaining parts of analyzer.py (provide the truncated portion) or run a targeted static check for network/subprocess/file-write patterns.
功能分析
Type: OpenClaw Skill
Name: python-code-analyz
Version: 1.0.0
The 'Code Analyzer' skill is a legitimate static analysis tool designed to identify security vulnerabilities, performance issues, and code quality smells in Python code. The core logic in `analyzer.py` uses the standard `ast` module to parse code and detect risks such as SQL injection, command injection, and hardcoded secrets without executing the analyzed code or performing unauthorized network/file operations. The bundle's documentation (SKILL.md, README.md) and supporting scripts (publish.sh, example.py) are consistent with its stated purpose of providing automated code reviews and optimization suggestions.
能力评估
Purpose & Capability
Name/description (Python code analysis, security/performance checks, refactoring) align with the included code, docs, and examples. The code implements AST-based checks, secret pattern detection, timeout checks, SQL/command injection heuristics, etc., which are expected for this purpose. Repository metadata and SKILL.md match the analyzer functionality.
Instruction Scope
SKILL.md instructs standard repo actions (git clone, pip install -r requirements.txt, run analyzer or paste code for analysis). It does not instruct reading unrelated host files or sending data to unexpected external endpoints. Minor notes: example.py writes a sample file to /tmp (benign but will create/overwrite files there), SKILL.md and README contain placeholder GitHub URLs (yourusername) which are not real — verify repository/source before cloning. The example includes a hardcoded API key purely as demonstration; treat such examples as insecure if copied into production.
Install Mechanism
There is no automated install spec in the registry metadata (instruction-only skill). SKILL.md suggests pip install from local repo and requirements.txt is empty (standard-library-only), so no remote installers or downloads are required. publish.sh and PUBLISH.md call a ClawHub CLI for publishing only; they do not download arbitrary code. Overall low install risk.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code recommends using environment variables for secrets (os.getenv) in suggestions but does not require any secrets. No evidence of credential exfiltration or calls that would need unrelated credentials.
Persistence & Privilege
Flags are standard: always:false, user-invocable:true, autonomous invocation allowed (default). The skill does not request permanent system presence or modify other skills' configs. publish.sh contains operations to publish the skill (requires clawhub login) but that is a normal developer helper and not an elevation of privilege.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install python-code-analyz - 安装完成后,直接呼叫该 Skill 的名称或使用
/python-code-analyz触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
python-code-analyz v1.0.0
- Initial release of the Python code analysis and optimization skill
- Provides syntax checks, security vulnerability scanning, and performance improvement suggestions
- Generates directly usable, refactored code based on analysis
- Supports CLI usage, Python API integration, and agent-mode code review
- Includes severity-based issue ranking and a customizable rules/config system
元数据
常见问题
python-code-analyz 是什么?
专业Python代码分析与优化,支持语法检查、安全扫描、性能评估、复杂度分析及重构后的优化代码生成。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 118 次。
如何安装 python-code-analyz?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install python-code-analyz」即可一键安装,无需额外配置。
python-code-analyz 是免费的吗?
是的,python-code-analyz 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
python-code-analyz 支持哪些平台?
python-code-analyz 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 python-code-analyz?
由 sujian0606-cpu(@sujian0606-cpu)开发并维护,当前版本 v1.0.0。
推荐 Skills