← 返回 Skills 市场
saas-scaffolder
作者
Alireza Rezvani
· GitHub ↗
· v1.0.0
· MIT-0
306
总下载
0
收藏
3
当前安装
2
版本数
在 OpenClaw 中安装
/install saas-scaffolder
功能描述
Generates complete, production-ready SaaS project boilerplate including authentication, database schemas, billing integration, API routes, and a working dash...
安全使用建议
This skill appears to do what it advertises: generate SaaS starter code and project templates. Before you use it:
- Treat generated projects as a starting point, not production-ready — replace placeholder secrets (JWT_SECRET, DATABASE_URL credentials, etc.) and harden configs.
- Inspect the generated docker-compose and .env files; the defaults expose DB ports and use weak passwords — change these before deploying or run in isolated networks.
- Supply your own third-party keys (Stripe, Google OAuth, AWS) and enable 2FA/rotation in those services; do not copy placeholder credentials into production.
- Review any third-party dependencies the scaffold adds before running npm/pip install (supply-chain risk).
- Run scaffolding in a sandboxed directory or CI job and review output before committing or deploying.
If you want extra assurance, share the full project output (or a sampling of generated files) and I can flag specific insecure defaults or hardening steps.
功能分析
Type: OpenClaw Skill
Name: saas-scaffolder
Version: 1.0.0
The 'saas-scaffolder' bundle is a comprehensive tool for generating SaaS project boilerplates using Next.js, Stripe, and Drizzle ORM. It includes a Python utility script (project_bootstrapper.py) for automated file and directory generation and detailed markdown instructions (SKILL.md) that guide an AI agent through a standard development and validation workflow. The provided code snippets for authentication, database schemas, and payment processing follow industry standards, and the documentation provides helpful architectural context. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found; all components align strictly with the stated purpose of project bootstrapping.
能力评估
Purpose & Capability
The name/description (SaaS scaffolder) align with the included SKILL.md, references, and a local Python bootstrapper that generates project files. The skill does not request unrelated credentials or system access. However, the description promises "production-ready" code while templates and .env.example include insecure defaults (e.g., sample DB credentials, JWT_SECRET=change-me) and development-friendly docker-compose settings — so the marketing claim is stronger than what the generated output actually provides.
Instruction Scope
SKILL.md contains scaffolding instructions and many example code snippets (NextAuth, Drizzle schema, Stripe checkout route). The instructions do not tell the agent to read unrelated host files, exfiltrate data, or call external endpoints on its own; they are limited to generating project structure and example code. Example code references environment variables (GOOGLE_CLIENT_ID, STRIPE keys, NEXT_PUBLIC_APP_URL) but that is appropriate for a scaffold and those envs are not required by the skill at install/runtime.
Install Mechanism
There is no install spec — this is instruction-only with a bundled Python script for local generation. No downloads or external install URLs are present, and nothing in the manifest writes or executes remote code during install.
Credentials
The skill declares no required environment variables and does not request credentials from the platform. The templates and .env.example include many common sensitive variable names (DB credentials, AWS keys, JWT_SECRET, Stripe keys). This is expected for a scaffolder, but users should be aware the generated defaults are placeholders and sometimes weak (e.g., 'change-me', default DB passwords, docker-compose exposing DB ports).
Persistence & Privilege
The skill is not always-enabled and does not request persistent elevated privileges. It does not modify other skills or global agent settings. Running the included bootstrapper will create files in a user-specified output directory only.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install saas-scaffolder - 安装完成后,直接呼叫该 Skill 的名称或使用
/saas-scaffolder触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial publish
v2.1.1
v2.1.1: optimization, reference splits
元数据
常见问题
saas-scaffolder 是什么?
Generates complete, production-ready SaaS project boilerplate including authentication, database schemas, billing integration, API routes, and a working dash... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 306 次。
如何安装 saas-scaffolder?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install saas-scaffolder」即可一键安装,无需额外配置。
saas-scaffolder 是免费的吗?
是的,saas-scaffolder 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
saas-scaffolder 支持哪些平台?
saas-scaffolder 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 saas-scaffolder?
由 Alireza Rezvani(@alirezarezvani)开发并维护,当前版本 v1.0.0。
推荐 Skills