← 返回 Skills 市场
Vibe Coding Cn
作者
gotomanutd-dot
· GitHub ↗
· v4.1.0
· MIT-0
103
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install vibe-coding-cn
功能描述
AI 团队协作,自动生成完整项目。5 Agent + SPEC.md + Agent 投票审批 + 需求追溯。必须在 OpenClaw 环境中使用。
安全使用建议
This skill appears to implement the described multi‑agent project generator and mostly asks for proportional capabilities (node, OpenClaw sessions). However, it is designed to make automated decisions and save generated files into your workspace — sometimes explicitly without waiting for user approval. Before installing or enabling it: 1) Review the executor code (executors/vibe-executor-v4.1.js and index.js) to confirm when and how saveFiles()/file writes are triggered. 2) Test the skill in a disposable/sandbox workspace to observe what it writes and whether it asks you to confirm changes. 3) Avoid running optional servers (the 'ws' dashboard) unless you trust the environment and have checked the server code. 4) If you want tighter control, require the skill to run only in a user‑invoked mode or modify it so every save/action requires explicit user confirmation. 5) If you lack time to audit code, treat the skill as potentially able to modify local files and proceed accordingly (backup important workspaces first).
功能分析
Type: OpenClaw Skill
Name: vibe-coding-cn
Version: 4.1.0
The skill bundle exhibits a significant discrepancy between its declared permissions in 'claw.json' (which claims no network access) and its actual implementation. Specifically, 'server.js' starts a local HTTP and WebSocket server for progress monitoring, and 'executors/llm-client.js' contains logic for outbound HTTPS requests to the Alibaba DashScope API. While these features are aligned with the tool's stated purpose of project generation and visualization, the misleading manifest is a security concern. Furthermore, 'executors/vibe-executor-v4.1.js' uses 'child_process.exec' to open directories, which, although intended for UX, presents a potential shell injection risk if the project directory name is not perfectly sanitized. The skill also requests broad 'sessions_spawn' and 'exec' capabilities.
能力标签
能力评估
Purpose & Capability
Name/description (AI team orchestration, SPEC.md, 5 agents, voting, incremental updates) align with the provided code, docs, and required binary (node). Declared capabilities (sessions_spawn, file_read, file_write) match the implementation and examples which use OpenClaw sessions_spawn and write output files. No unrelated credentials or config paths are requested.
Instruction Scope
The SKILL.md explicitly instructs the Orchestrator to spawn subagents (sessions_spawn), run multi‑phase workflows, perform quality checks, and save generated files to the workspace. Many examples show automated vote-based decision logic and auto‑proceed semantics ('自动决策,无需用户等待'). While some examples show asking for confirmation, the docs repeatedly state decisions can be automatic — meaning the skill can produce and persist code changes without explicit, enforced user approval. SKILL.md also includes examples that open folders and suggests running an optional WebSocket UI; these actions touch local filesystem and can introduce network exposure if the optional server is run.
Install Mechanism
No external download/install spec is provided (skill is packaged with source files). package.json/DEPENDENCIES.md declare only native Node modules for core functionality and an optional 'ws' for the visual dashboard. There are no remote code downloads or obscure third‑party install URLs in the provided materials. Postinstall behavior is mentioned in docs; verify any postinstall scripts before running.
Credentials
The skill requests only the 'node' binary and no environment variables or external credentials, consistent with its stated design that uses OpenClaw's sessions_spawn or an injected llmCallback (relying on the platform's LLM). There are no declared secrets requested by the skill. The only potential indirect need is access to the OpenClaw session APIs (sessions_spawn), which is appropriate for an OpenClaw-only skill.
Persistence & Privilege
always:false (good), but the skill is designed to be invoked by the agent and can autonomously run workflows that write files into the user's workspace and (optionally) start a local UI server. The combination of autonomous invocation (the platform default), file_write capability, and explicit language about '自动决策,无需用户等待' increases risk that changes will be applied without an unambiguous user consent step. Consider treating the skill as high‑impact until you confirm it always asks for explicit confirmation before persisting nontrivial changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install vibe-coding-cn - 安装完成后,直接呼叫该 Skill 的名称或使用
/vibe-coding-cn触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v4.1.0
Major update with new agent approvals, traceability, and improved OpenClaw integration.
- Introduced SPEC.md generation based on requirements and architecture for clearer specification and traceability.
- Added agent voting and approval mechanism—Architect, Developer, and Tester now vote on key decisions. Automatic process, no user waiting needed.
- Orchestrator role clarified with sample code for process control, quality checks, user communication, and exception handling.
- Expanded methods for running: OpenClaw integration (recommended), CLI, and new visualization/monitoring options.
- Added support for version control, incremental updates, and enhanced quality gate handling.
- Documentation and output structure updated to reflect new workflow and features.
v1.0.0
v1.0.0
元数据
常见问题
Vibe Coding Cn 是什么?
AI 团队协作,自动生成完整项目。5 Agent + SPEC.md + Agent 投票审批 + 需求追溯。必须在 OpenClaw 环境中使用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 103 次。
如何安装 Vibe Coding Cn?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install vibe-coding-cn」即可一键安装,无需额外配置。
Vibe Coding Cn 是免费的吗?
是的,Vibe Coding Cn 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Vibe Coding Cn 支持哪些平台?
Vibe Coding Cn 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(linux, darwin, win32)。
谁开发了 Vibe Coding Cn?
由 gotomanutd-dot(@gotomanutd-dot)开发并维护,当前版本 v4.1.0。
推荐 Skills