← 返回 Skills 市场
jagger-zxz

zxz-test

作者 jagger-zxz · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
316
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install zxz-test
功能描述
审查近期代码变更,检查 bug、安全隐患并提出改进建议。针对 git diff 中的暂存或未暂存更改提供可操作的反馈。
使用说明 (SKILL.md)

快速代码审查

审查当前代码变更,提供简洁、可操作的反馈。

步骤

  1. 执行 git diff --staged 获取暂存区的变更。如果为空,回退到 git diff 获取未暂存的变更。如果两者都为空,告知用户没有可审查的变更。

  2. 按以下分类分析 diff:

    Bug 与逻辑错误

    • 边界错误、空值访问、竞态条件
    • 布尔逻辑错误或遗漏的边界情况
    • 资源泄漏(未关闭的句柄、缺失的清理逻辑)

    安全问题

    • 注入漏洞(SQL、XSS、命令注入)
    • 硬编码的密钥或凭证
    • 不安全的反序列化或输入处理

    性能问题

    • 热路径中不必要的内存分配
    • N+1 查询或缺失的索引
    • 异步上下文中的阻塞调用

    代码质量

    • 死代码或不可达分支
    • 应该复用的重复逻辑
    • 具有误导性的命名或不清晰的意图

  3. 按文件分组展示发现的问题,格式如下:

    path/to/file.ext

    • [Bug] 第 42 行:问题描述及修复建议
    • [安全] 第 78 行:问题描述及修复建议

  4. 最后用一句话总结:发现的问题总数,以及这些变更是否可以安全提交。

准则

  • 只标记真实问题,不要挑剔代码风格、格式或提出不必要的建议。
  • 要具体——引用 diff 中的确切行号和变量名。
  • 如果变更没有问题,简要说明即可,不要凭空制造问题。
  • 保持审查简洁,重质量不重数量。
安全使用建议
This skill appears to do what it says (review staged/unstaged git diffs), but before installing or invoking it: 1) confirm the agent environment provides git and shell access (the SKILL.md assumes `git diff` will run — the skill metadata should declare git as a required binary); 2) be aware the skill will read your repository's working tree and diffs, so do not run it in a workspace containing secrets you don't want exposed; 3) because it's instruction-only and can execute git, ensure you trust the agent runtime (it will access local files) — if possible, run it in a controlled checkout or CI context; and 4) consider asking the publisher to update the skill metadata to list `git` as a required binary to remove the current inconsistency.
功能分析
Type: OpenClaw Skill Name: zxz-test Version: 1.0.1 The OpenClaw skill 'zxz-test' is designed for quick code reviews, analyzing `git diff` output for bugs, security issues, performance problems, and code quality. The `SKILL.md` instructions for the AI agent are clear, focused on the stated purpose, and do not contain any malicious commands, data exfiltration attempts, persistence mechanisms, or prompt injection designed to subvert the agent's function. The use of `git diff` is a safe, read-only operation appropriate for this task.
能力评估
Purpose & Capability
The name/description and SKILL.md are consistent: the skill is limited to reading recent git changes and producing review comments. However, the metadata lists no required binaries even though the instructions explicitly require running `git diff` (i.e., the skill implicitly needs git and shell access). This is an inconsistency (missing declared dependency).
Instruction Scope
The runtime instructions are narrowly scoped to running `git diff --staged` / `git diff`, analyzing the produced diff, and producing line-specific findings. They do not direct the agent to read unrelated files, environment variables, or to send data to external endpoints. The only scope concern is the un-declared assumption that the agent can execute shell/git in the repository.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest installation risk. Nothing is downloaded or written to disk by an install step.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for a local git diff reviewer. Note: because it reads diffs, it can expose any secrets present in the diff; this is a normal capability for a code-review tool but worth being aware of.
Persistence & Privilege
always is false and there is no install behavior. The skill does not request persistent system presence or attempt to modify other skills or global agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install zxz-test
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /zxz-test 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Initial release of zxz-test skill version 1.0.0. - No changes detected since the previous version.
v1.0.0
Initial release of quick-review: a tool for fast, actionable code change audits. - Reviews staged or unstaged git diffs for bugs, security, performance, and code quality issues. - Groups identified issues by file and line, providing clear suggestions for each. - Only flags real problems—ignores style and unwarranted suggestions. - Summarizes overall findings and safety of changes in a single sentence.
元数据
Slug zxz-test
版本 1.0.1
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

zxz-test 是什么?

审查近期代码变更,检查 bug、安全隐患并提出改进建议。针对 git diff 中的暂存或未暂存更改提供可操作的反馈。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 316 次。

如何安装 zxz-test?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install zxz-test」即可一键安装,无需额外配置。

zxz-test 是免费的吗?

是的,zxz-test 完全免费(开源免费),可自由下载、安装和使用。

zxz-test 支持哪些平台?

zxz-test 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 zxz-test?

由 jagger-zxz(@jagger-zxz)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论