← 返回 Skills 市场

Code Assistant

Name: Code Assistant
Author: evolinkai

作者 EvolinkAI · GitHub ↗ · v1.0.6 · MIT-0

cross-platform ⚠ suspicious

127

总下载

当前安装

版本数

在 OpenClaw 中安装

/install verified-code

功能描述

Generate, review, debug, and refactor production-ready Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++ code with verified syntax and tests.

安全使用建议

This skill will read user-specified workspace files, run syntax checks/tests locally (i.e., execute your code), and—if you consent—transmit workspace files to api.evolink.ai using an EVOLINK_API_KEY. The platform metadata shown to you omitted those required env vars and the CLI/binary dependency, which is inconsistent with the README/_meta.json. Before installing or running it: - Treat it as a cloud-backed service that will send code externally. Do NOT use it on repositories containing secrets, proprietary code, or confidential data. - Verify the vendor (Evolink.ai) and their published repository and privacy/security documentation (links are present in README). Confirm the actual endpoint(s) and what data is transmitted. - Prefer testing in a sandbox or a non-sensitive sample repo first. - Ask the skill author to fix the metadata inconsistency so required env vars (EVOLINK_API_KEY, EVOLINK_MODEL) and required binaries (node, any test tools) are declared on the platform. - If you cannot confirm the implementation/source code of the CLI/service, avoid granting an API key or running it against sensitive codebases.

功能分析

Type: OpenClaw Skill Name: verified-code Version: 1.0.6 The 'verified-code' skill is a code assistant that integrates with the Evolink.ai API to generate, review, and debug code. It involves high-risk behaviors such as transmitting workspace files to an external endpoint (api.evolink.ai) and executing local code for syntax verification and testing; however, these are core features of the stated service and are clearly documented. The SKILL.md instructions explicitly direct the AI agent to obtain user consent before transmitting data and to limit file access to only what is necessary, demonstrating a focus on security and transparency.

能力评估

⚠ Purpose & Capability

The skill's functionality (generate/verify/run code) matches its name and description. However the registry metadata presented to the platform declares no required environment variables or binaries while the shipped README/_meta.json/docs explicitly require EVOLINK_API_KEY, EVOLINK_MODEL and list 'node' as a binary. That mismatch is concerning because the skill will rely on external API credentials and a CLI that are not declared in the platform metadata.

⚠ Instruction Scope

SKILL.md explicitly instructs the agent to read user-specified workspace files and transmit workspace code to api.evolink.ai after asking consent, and to run local verification (syntax checks/tests). Asking for consent is good practice, but the skill's core behavior includes sending repository files externally and executing user code — both sensitive operations. There are also internal contradictions: 'Minimal File Access' vs README statements like 'Reads your project structure' which imply broader workspace scanning unless strictly constrained by user input.

ℹ Install Mechanism

This is instruction-only (no install spec), which reduces automatic install risk. But the package.json/package-lock in the file manifest advertise a CLI ('evocode') and Node dependency while no install instructions are provided to the platform. That mismatch may confuse users and suggests the skill expects external tooling that the platform will not automatically supply.

⚠ Credentials

The skill will require an EVOLINK_API_KEY and (optionally) EVOLINK_MODEL to operate against an external API, and it declares network and shell access in its _meta.json. Those credentials are proportionate to a cloud-based code-generation service, but the platform registry fields shown to the installer list no required env vars — an important omission that hides the need to provide a secret API key and increases the chance a user will inadvertently transmit private code without realizing it.

ℹ Persistence & Privilege

always is false (no forced persistence), and the skill does not request platform-wide configuration changes. It does require the ability to execute shell commands and run tests (i.e., execute user code), which is expected for a code-verification skill but increases risk if used on untrusted repositories. The SKILL.md requires user consent before transmission which mitigates some risk, but autonomous agent invocation combined with network access and an external API key would increase blast radius if the agent disregards consent prompts.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install verified-code
安装完成后，直接呼叫该 Skill 的名称或使用 /verified-code 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.6

Version 1.0.6 - Added explicit user consent and minimal file access requirements before reading or transmitting workspace files. - Updated workflow and security instructions to reflect new privacy safeguards. - Skill now asks users to confirm absence of secrets/confidential info before analyzing files. - Improved documentation to clarify that only specified files or user-approved files are accessed. - Enhanced guidance for use in trusted or sandboxed environments.

v1.0.5

- Documentation updated: no functional changes, but SKILL.md received minor wording or formatting edits. - No changes to code or behavior in this release.

v1.0.4

- Documentation or metadata updated; no user-facing logic or feature changes. - No impact on skill usage or results.

v1.0.3

- Documentation updated only; no changes to code or functionality. - SKILL.md markdown formatting, instructions, and example content remain unchanged in substance. - No impact on usage, configuration, or compatibility.

v1.0.2

- Expanded security section in documentation to highlight that workspace files (including user code) are sent to api.evolink.ai for processing. - Added warnings about transmitting confidential information and executing untrusted code during verification. - Clarified file access behavior and the importance of using the skill only with trusted repositories or in sandboxed environments. - No changes to functionality; documentation updates only.

v1.0.1

- Updated metadata and documentation files. - No changes to skill logic or functionality.

v1.0.0

Code Assistant 1.0.0 — Initial Release - Generate, review, debug, and refactor code in Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++. - Produces fully working, no-placeholder code with automatic syntax verification and optional testing. - Performs context-aware file analysis before edits; supports targeted, minimal changes. - Detects project language and runs appropriate verification commands. - Includes robust security and workspace file access controls. - Detailed instructions, workflow, and sample CLI usage provided.

元数据

Slug verified-code

版本 1.0.6

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 7

常见问题

Code Assistant 是什么？

Generate, review, debug, and refactor production-ready Python, JavaScript/TypeScript, Go, Rust, Java, and C/C++ code with verified syntax and tests. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 127 次。

如何安装 Code Assistant？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install verified-code」即可一键安装，无需额外配置。

Code Assistant 是免费的吗？

是的，Code Assistant 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Code Assistant 支持哪些平台？

Code Assistant 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Code Assistant？

由 EvolinkAI（@evolinkai）开发并维护，当前版本 v1.0.6。