← 返回 Skills 市场
uniapp项目分析器 (脚本版)
作者
include5943
· GitHub ↗
· v1.0.0
· MIT-0
106
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install uniapp-analyzer-script
功能描述
脚本版 (PowerShell) - 精确统计离线分析,依赖 skill-seekers
安全使用建议
What to consider before installing/running:
- The tool is an offline project analyzer and its requirements (a 'skill-seekers' engine) make sense for that purpose, but the implementation has bugs/inconsistencies (config merging and exclusion lists) — expect to test on a non-critical project first.
- Running the script may attempt to pip install 'skill-seekers' (network download). If you are concerned, install and inspect that package manually (pip install --no-deps --download or review its source) before allowing the script to auto-install.
- Deep analysis parses manifest.json / package.json and will record AppIDs, plugin names and other metadata; do not run this on repositories that contain secrets or sensitive credentials you do not want written to temporary output directories. Use Preview mode first to see which files would be analyzed.
- Because the config handling appears not to merge type-specific configs correctly and some configs exclude package.json, behavior may be unexpected; verify detection and exclusion behavior on a test repo and use the --preview/-Preview flag to check the file list before proceeding.
- Best practice: run the tool inside an isolated environment (container or VM) or on a copy of the repository, examine generated analysis files before sharing them, and review the 'skill-seekers' package source if you plan to use this in production.
能力评估
Purpose & Capability
Name/description match the included scripts and configs: the tool inspects uni-app/Vue files, computes code-quality metrics and generates reports. Requiring 'skill-seekers' (the external analysis engine) is consistent with the stated design. However there are incoherences in the shipped implementation: SKILL.md describes merging base + type configs and parsing package.json for Vue detection, but the provided load_config implementation appears to only cat the base config (it does not merge the type-specific config). Additionally the configs list 'package.json' in excluded files for project types, which contradicts the SKILL.md's stated deep-analysis of package.json. These are design/engineering issues (not obviously malicious) but reduce internal consistency.
Instruction Scope
Runtime instructions and scripts operate on project files only (manifest.json, pages.json, package.json, .vue/.js files). The tool copies project files to a temporary directory and invokes 'skill-seekers' to do deep analysis — that behavior is coherent with project analysis. One privacy-relevant item: deep analysis explicitly extracts manifest fields such as AppID, permissions and third‑party SDKs (e.g., ad SDKs), which can contain sensitive identifiers; while relevant to analysis, this means provider or downstream tooling could see secrets embedded in project files. The SKILL.md does not instruct sending data to external endpoints, but the script can attempt to pip-install an external package (network activity) and will write temporary output to disk.
Install Mechanism
There is no registry-level install spec; the scripts prompt to install 'skill-seekers' via pip if it is missing. That is a normal but moderate-risk pattern: pip will fetch code from the Python package index (network download). The skill does not embed or download arbitrary binaries itself, but automatic installation is attempted when the user consents. If you do not trust 'skill-seekers', you should inspect or install it manually from a known source before running this skill.
Credentials
The skill does not request environment variables, credentials, or config paths in the manifest. That is appropriate for a local code analyzer. Caveat: the analyzer reads project files (and saves copies to temporary directories), so secrets stored in repository files (manifest.json, package.json, config files, or accidentally committed .env-like files) will be included in analysis outputs. The base config does attempt to exclude common secret files (e.g., .env patterns) but the shipped exclude lists contain small oddities (e.g., 'package.json' is listed as an excluded file in some type configs, which conflicts with expected parsing).
Persistence & Privilege
The skill is not marked always:true and does not declare elevated platform privileges. It writes temporary analysis output into an analysis-output directory under the project and creates temp config files; that is expected for a local analyzer. It does not modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install uniapp-analyzer-script - 安装完成后,直接呼叫该 Skill 的名称或使用
/uniapp-analyzer-script触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
脚本版分析器,PowerShell 驱动,精确统计离线分析,依赖 skill-seekers
元数据
常见问题
uniapp项目分析器 (脚本版) 是什么?
脚本版 (PowerShell) - 精确统计离线分析,依赖 skill-seekers. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 106 次。
如何安装 uniapp项目分析器 (脚本版)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install uniapp-analyzer-script」即可一键安装,无需额外配置。
uniapp项目分析器 (脚本版) 是免费的吗?
是的,uniapp项目分析器 (脚本版) 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
uniapp项目分析器 (脚本版) 支持哪些平台?
uniapp项目分析器 (脚本版) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 uniapp项目分析器 (脚本版)?
由 include5943(@include5943)开发并维护,当前版本 v1.0.0。
推荐 Skills