Total downloads: 79
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install ratelint
Description
Rate limiting & API throttling anti-pattern analyzer -- detects missing rate limits, brute force exposure, no backoff strategies, unbounded queues, retry sto...
Safe usage recommendations
This skill appears to do what it claims: local regex-based scanning for rate‑limit and throttling anti‑patterns. Before installing, note that:
- It will attempt to install or use lefthook (brew lefthook) to add pre-commit / pre-push hooks; these hooks will run scans automatically and modify lefthook.yml in your repo.
- Paid features require RATELINT_LICENSE_KEY; if not set, the skill will look in ~/.openclaw/openclaw.json for a stored key. If you keep other secrets in that file, be aware the skill reads it to extract ratelint.apiKey.
- The scanner is entirely local and uses grep/regex patterns; expect false positives and potential performance impact on large repositories, especially when pre-push triggers a full scan.
Recommendations: review the lefthook.yml changes before committing them, place your license key in the environment or in an appropriate config store you control, and run the scan manually on a small repo first to verify behavior. If you need stricter isolation, run the skill inside a disposable environment or CI job rather than enabling automatic hooks globally.
Functional analysis
Type: OpenClaw Skill
Name: ratelint
Version: 1.0.0
RateLint is a static analysis tool for detecting rate-limiting and API throttling anti-patterns. The skill operates entirely locally using standard bash utilities like `grep` and `find` to scan codebases against a set of 90 regex patterns defined in `patterns.sh`. It includes legitimate features for CI/CD integration, report generation (HTML/JSON/Markdown), and Git hook management via `lefthook`. The license validation logic in `license.sh` is performed offline using JWT decoding and does not involve any telemetry or external network calls. The tool's behavior, including its access to the standard `~/.openclaw/openclaw.json` configuration file, is consistent with its stated purpose and lacks any indicators of malicious intent or data exfiltration.
Capability assessment
Purpose & Capability
Name/description (rate‑limit anti‑pattern analyzer) match the included scripts, patterns, and the use of lefthook for git hook integration. Required binaries (git, bash) and the brew dependency (lefthook) are reasonable for the stated functionality.
Instruction Scope
Runtime instructions and scripts perform local file discovery and regex scanning, produce reports, and integrate with git hooks. They do read the user's OpenClaw config (~/.openclaw/openclaw.json) as a license key fallback; that is consistent with the license flow but is an extra config read the user should expect. The pre-commit and pre-push hooks will run scans automatically (pre-push runs a full scan of the working tree), which can be intrusive or slow in large repos.
Install Mechanism
Install specification is a single well-known brew formula (lefthook) to manage git hooks. No downloads from unknown hosts or archive extraction are present. Note: brew usage may be platform-limited (Windows users may need Git Bash / alternate installation).
Credentials
The only declared primary credential is RATELINT_LICENSE_KEY, which the license module legitimately uses to unlock paid tiers. The license module also looks in ~/.openclaw/openclaw.json for a stored key (using python/node/jq fallbacks). Reading that config file is proportionate to retrieving a locally stored license key, but users should be aware the skill will try to read that file (it extracts only ratelint.apiKey).
Persistence & Privilege
The skill does not request 'always: true'. It offers to install lefthook hooks which will modify a repository's lefthook.yml and run lefthook install; this changes repository behavior by adding pre-commit/pre-push scans. This is expected for a linter but is persistent and can affect normal git workflows.
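How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install ratelint`
- Once installation completes, call the Skill by name or use `/ratelint` to trigger it
- Provide the required input according to the Skill's parameter description to get structured output
Version history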
v1.0.0
Initial release of RateLint: Rate limiting & API throttling anti-pattern analyzer.
- Scans codebases for rate limiting, brute force, throttling, backoff, queue overflow, and DDoS anti-patterns using pattern matching.
- Supports free, Pro, and Team tiers with 30, 60, or 90 patterns across 6 categories.
- Provides CLI with multiple scan modes (`scan`, output in markdown/JSON/HTML, category filtering, verbose, status).
- Integrates with git via lefthook; runs 100% locally with zero telemetry.
- Offers scoring, grading, and actionable remediation on findings; outputs detailed markdown reports.
- Configurable via JSON for severity threshold, ignored patterns/checks, and report format.
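FAQ
What is ratelint?
Rate limiting & API throttling anti-pattern analyzer -- detects missing rate limits, brute force exposure, no backoff strategies, unbounded queues, retry sto... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 79 cumulative downloads so far.
How do I install ratelint?
Run the command "/install ratelint" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.
Is ratelint free?
Yes, ratelint is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does ratelint support?
ratelint runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (darwin, linux, win32).
Who developed ratelint?
It is developed and maintained by suhteevah (@suhteevah); the current version is v1.0.0.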