← 返回 Skills 市场
charlie-morrison

Tech Debt Scanner

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
59
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install tech-debt-scanner
功能描述
Scan codebases for technical debt — TODO/FIXME comments, deprecated APIs, complexity hotspots, outdated patterns, missing tests, large files — then prioritiz...
安全使用建议
This skill appears to do what it says (repo scans and prioritized tech-debt reports). Before using it: (1) Inspect the SKILL.md commands and confirm you are comfortable with running them against the target repository (they read files and run git/npm/pip commands). (2) Ensure the runtime environment has the required tools (ripgrep 'rg', git, find, python3, bc, npm/pip where needed) or adjust the commands. (3) Be aware that npm/pip commands may contact external registries (network access). (4) Test on a non-sensitive or local copy first to verify results. The main inconsistency is that the registry metadata did not list the CLI dependencies the instructions actually require — that should be fixed by the publisher.
功能分析
Type: OpenClaw Skill Name: tech-debt-scanner Version: 1.0.0 The tech-debt-scanner skill is a legitimate utility designed to audit codebases for quality issues. It utilizes standard command-line tools such as ripgrep (rg), find, and git to identify TODO markers, cyclomatic complexity, and outdated dependencies. The logic is transparent, aligns perfectly with the stated purpose in SKILL.md, and contains no evidence of data exfiltration, unauthorized network access, or malicious prompt injection.
能力评估
Purpose & Capability
The name and description match what the SKILL.md instructs: searching for TODO/FIXME, complexity hotspots, outdated patterns, missing tests, dependency issues, duplication, and producing a prioritized report. However, the metadata declares no required binaries while the runtime instructions rely on several command-line tools (rg/ripgrep, find, git, npm, pip, python3, bc, wc, rg, etc.). The absence of declared required binaries is an inconsistency but not evidence of malicious intent.
Instruction Scope
All commands and file reads are within the scope of scanning a repository (searching files, running git log, inspecting package manifests, running dependency checks). The skill will read repository files and run package-manager queries (npm outdated, pip list) which contact external registries — this is expected for dependency checks. The instructions do not direct data to unexpected external endpoints or request unrelated system paths or secrets.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk. Nothing is downloaded or written to disk by an installer step.
Credentials
The skill requests no environment variables or credentials (appropriate). But it implicitly requires local tooling and network access to package registries. If run in an environment with restricted network access or without the listed CLIs, parts of the scan will fail. No unexpected credentials or config paths are requested.
Persistence & Privilege
always:false and no install steps; the skill does not request persistent presence or modify other skills or system-wide settings. Autonomous invocation is allowed by default but not excessive given the skill's benign scope.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install tech-debt-scanner
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /tech-debt-scanner 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of tech-debt-scanner — a tool to detect, prioritize, and help remediate technical debt across codebases. - Scans for TODO/FIXME/HACK comments, deprecated APIs, complexity hotspots, outdated coding patterns, missing or weak tests, dependency issues, and code duplication. - Produces actionable, prioritized reports with risk, effort, and impact analysis. - Offers focused commands for hotspot detection, TODO/FIXME audits, dependency health, and test coverage gaps. - Utilizes AI reasoning to suggest remediation steps and prioritization. - Multiple output formats supported (text, JSON).
元数据
Slug tech-debt-scanner
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Tech Debt Scanner 是什么?

Scan codebases for technical debt — TODO/FIXME comments, deprecated APIs, complexity hotspots, outdated patterns, missing tests, large files — then prioritiz... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 59 次。

如何安装 Tech Debt Scanner?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install tech-debt-scanner」即可一键安装,无需额外配置。

Tech Debt Scanner 是免费的吗?

是的,Tech Debt Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Tech Debt Scanner 支持哪些平台?

Tech Debt Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Tech Debt Scanner?

由 charlie-morrison(@charlie-morrison)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论