← 返回 Skills 市场
Tech Stack Evaluator
作者
Alireza Rezvani
· GitHub ↗
· v2.1.1
· MIT-0
1547
总下载
0
收藏
4
当前安装
2
版本数
在 OpenClaw 中安装
/install tech-stack-evaluator
功能描述
Technology stack evaluation and comparison with TCO analysis, security assessment, and ecosystem health scoring. Use when comparing frameworks, evaluating te...
安全使用建议
This package appears to be a legitimate tech-evaluation tool, but there is a mismatch between the SKILL.md (which shows convenient CLI usage and implies automatic fetching of GitHub/npm/security data) and the provided Python modules (which look like library components that expect structured input). Before using it in production or granting it network/agent privileges: 1) Inspect the remaining scripts (especially security_assessor.py and stack_comparator.py) for any network calls, subprocess usage, or hidden endpoints (look for imports like requests, urllib, subprocess). 2) Confirm whether CLI wrappers or data-fetching code are present or must be added — the examples may be aspirational. 3) Run the scripts in an isolated environment with the provided sample inputs to verify behavior. 4) If you expect live metric collection, ask the author for documentation on authentication and endpoints; do not provide credentials until you confirm what is contacted and why. If you want, I can scan the remaining truncated files for network/subprocess calls and make the assessment more precise.
功能分析
Type: OpenClaw Skill
Name: tech-stack-evaluator
Version: 2.1.1
The tech-stack-evaluator bundle is a legitimate tool designed for technology comparison, TCO calculation, and migration analysis. All analyzed Python scripts (such as stack_comparator.py, tco_calculator.py, and security_assessor.py) contain pure mathematical and logical implementations for scoring metrics based on provided input data. There is no evidence of network activity, shell execution, data exfiltration, or obfuscation. The SKILL.md instructions are strictly functional and do not attempt to manipulate the AI agent into performing unauthorized or harmful actions.
能力评估
Purpose & Capability
Name/description (tech comparisons, TCO, security assessment) align with the provided scripts (comparator, TCO, migration, ecosystem, security). No required env vars or binaries are declared, which is proportionate to the stated purpose. However, SKILL.md examples imply the scripts will fetch live GitHub/npm metrics or be usable via CLI flags (e.g., `--technology react`), while the visible modules (e.g., ecosystem_analyzer.py, format_detector.py, migration_analyzer.py) are written as library classes/functions that accept data dicts rather than showing a network fetcher or CLI argument parsing — so there is a mild capability mismatch between documentation and code.
Instruction Scope
SKILL.md instructs running scripts with command-line flags and suggests automated retrieval of ecosystem/security metrics. The included source snippets mostly define classes and pure computation functions that expect structured input rather than performing network calls or having CLI entry points. The instructions therefore overstate automation (implied live data collection). This is not directly dangerous, but it is an incoherence: the agent or user may expect the skill to fetch external data automatically when the code appears to require pre-supplied metrics.
Install Mechanism
No install spec is provided and the skill is instruction-only plus local Python scripts. That keeps disk/write risk low. There are no external downloads, URL installs, or package manager installs in the repository metadata.
Credentials
The skill declares no required environment variables, credentials, or config paths — which is appropriate given the documented behavior. No files or variables appear to be requested that would be disproportionate to the task.
Persistence & Privilege
The skill is not set to always:true and does not request elevated persistence. It contains only local scripts and references sample input/data assets; there is no evidence it modifies other skills or global agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tech-stack-evaluator - 安装完成后,直接呼叫该 Skill 的名称或使用
/tech-stack-evaluator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.1
v2.1.1: optimization, reference splits
v1.0.0
Initial release of Technology Stack Evaluator.
- Supports comprehensive technology comparison with weighted scoring.
- Calculates 5-year total cost of ownership (TCO), including hidden costs.
- Assesses ecosystem health using GitHub and npm metrics.
- Evaluates security and compliance readiness.
- Estimates migration effort, risks, and timelines.
- Provides multiple input formats: text, YAML, and JSON.
- Includes command-line scripts for stack comparison, TCO, ecosystem health, security, and migration analysis.
元数据
常见问题
Tech Stack Evaluator 是什么?
Technology stack evaluation and comparison with TCO analysis, security assessment, and ecosystem health scoring. Use when comparing frameworks, evaluating te... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1547 次。
如何安装 Tech Stack Evaluator?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tech-stack-evaluator」即可一键安装,无需额外配置。
Tech Stack Evaluator 是免费的吗?
是的,Tech Stack Evaluator 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Tech Stack Evaluator 支持哪些平台?
Tech Stack Evaluator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tech Stack Evaluator?
由 Alireza Rezvani(@alirezarezvani)开发并维护,当前版本 v2.1.1。
推荐 Skills