← Back to Skills Marketplace
84
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install jar-conflict-detector
Description
This skill should be used when the user needs to detect JAR package conflicts, version inconsistencies, or known incompatible dependency pairs in a Spring Bo...
README (SKILL.md)
\r \r
JAR 包冲突检测 Skill — Spring Boot 微服务\r
\r
目的\r
\r To detect version conflicts, known incompatible dependency pairs, and duplicate JARs\r in Spring Boot microservice projects (Maven or Gradle), and produce an actionable\r conflict report with resolution suggestions.\r \r
触发场景\r
\r Use this skill when the user:\r
- Reports runtime errors such as
NoSuchMethodError,ClassNotFoundException,LinkageError\r - Asks to check or analyze JAR conflicts, version convergence, or dependency tree issues\r
- Is upgrading Spring Boot (e.g., 2.x → 3.x) and needs conflict validation\r
- Wants a dependency health check before CI/CD deployment\r
- Mentions Spring Cloud + Spring Boot version mismatch\r \r
工作流程\r
\r
Step 1 — 确认项目目录和构建工具\r
\r Ask the user for (or infer from context):\r
- Project root directory — path to the Maven/Gradle project (containing
pom.xmlorbuild.gradle)\r - Build tool — auto-detected if not specified (
maven|gradle|auto)\r - Report format —
html(default, visual) |txt|json(for CI)\r - Severity level —
all(default) |warn|error\r \r For multi-module projects, always point to the parent/root directory so all sub-modules are scanned.\r \r
Step 2 — 运行检测脚本\r
\r Run the bundled detection script:\r \r
python scripts/detect_conflicts.py \\r
--project-dir \x3C用户项目路径> \\r
--output conflict-report.html \\r
--mode auto \\r
--level all\r
```\r
\r
**Script capabilities:**\r
- Runs `mvn dependency:tree` (Maven) or `gradle dependencies` (Gradle) to get the full resolved dependency tree\r
- Falls back to static `pom.xml` parsing if Maven/Gradle CLI is unavailable\r
- Detects **version conflicts**: same `groupId:artifactId`, different versions across modules\r
- Detects **known incompatible pairs**: e.g., Spring Boot 3.x + Spring 5.x, dual SLF4J bindings\r
- Generates reports in HTML / TXT / JSON format\r
\r
**Output files:**\r
- `conflict-report.html` — visual HTML report (default, recommended)\r
- `conflict-report.txt` — plain text for terminal review\r
- `conflict-report.json` — machine-readable for CI integration\r
\r
### Step 3 — 解读结果并给出建议\r
\r
After scanning, present results clearly:\r
\r
1. **总结** — X 个 ERROR,Y 个 WARN,依赖总数\r
2. **逐条解读** — 对每个 ERROR 级冲突说明原因和影响\r
3. **给出修复方案** — 参考 `references/conflict_patterns.md` 提供具体 POM/Gradle 修改示例\r
\r
For resolution guidance, load `references/conflict_patterns.md` which contains:\r
- Common conflict patterns and fixes\r
- Spring Boot / Spring Cloud / Hibernate version compatibility matrix\r
- SLF4J binding conflict resolution\r
- javax → jakarta migration guide\r
- Maven Enforcer plugin setup for CI enforcement\r
\r
### Step 4 — 可选:生成修复建议 POM 片段\r
\r
If the user wants specific fixes, generate the corresponding `dependencyManagement`\r
XML snippet or Gradle `resolutionStrategy` block inline in the reply.\r
\r
## 输出格式指南\r
\r
- **HTML 报告** — 默认推荐,适合人工审查,call `preview_url` or `open_result_view`\r
- **JSON 报告** — 适合 CI pipeline 解析,结合 `jq` 过滤 ERROR 级别\r
- **TXT 报告** — 适合终端快速查看\r
\r
## 注意事项\r
\r
- If `mvn`/`gradle` is not available on PATH, the script falls back to static POM parsing\r
(less accurate — transitive dependencies won't be resolved). Inform the user.\r
- For **Spring Boot 3.x migration**, always check for `javax.*` → `jakarta.*` conflicts.\r
- For **multi-module projects**, run from the **root directory** with the parent `pom.xml`.\r
- Script exit code: `0` = no ERROR conflicts; `1` = at least one ERROR found (useful for CI gates).\r
- All Python stdlib only — no pip install required.\r
Usage Guidance
This skill appears to do what it claims, but before running it consider: 1) Running mvn/gradle in a project can execute build scripts, plugins, init scripts, and may run arbitrary code from the repository — only run it on trusted projects or inside an isolated sandbox/container and a non-privileged account. 2) Build tools may download artifacts from the network; if you need a zero-network audit, prefer the static POM parsing fallback. 3) Inspect scripts/detect_conflicts.py yourself (it is included) to confirm there are no unexpected behaviors. 4) If you are automating in CI, use the script's exit codes and JSON output, but ensure the CI runner environment is appropriately sandboxed. 5) The SKILL.md mentions preview functions not implemented by the script — expect to open report files manually.
Capability Analysis
Type: OpenClaw Skill
Name: jar-conflict-detector
Version: 1.0.0
The skill is a legitimate utility designed to analyze Java dependency conflicts in Maven and Gradle projects. It operates by parsing build files and executing standard commands like 'mvn dependency:tree' via the subprocess module in 'scripts/detect_conflicts.py'. There is no evidence of data exfiltration, malicious persistence, or harmful prompt injection; the instructions in 'SKILL.md' and the logic in the Python script are strictly aligned with the stated purpose of project health checks.
Capability Assessment
Purpose & Capability
Name/description (JAR conflict detection for Maven/Gradle Spring Boot projects) matches the provided code and instructions: the script parses pom.xml, can invoke mvn dependency:tree or gradle dependencies, and uses a local references file for known incompatibilities and fixes.
Instruction Scope
Runtime instructions explicitly tell the agent to run the bundled Python script which in turn will invoke mvn/gradle in the user's project directory. Running mvn/gradle (even for dependency queries) can execute project build logic, init scripts, plugins, and may download remote artifacts — this is expected for the task but is a notable execution and network risk if run against untrusted code. Also SKILL.md suggests UI actions like 'preview_url' or 'open_result_view' which are not implemented in the script (minor mismatch). The script does provide a static POM parsing fallback, which reduces risk if chosen.
Install Mechanism
No install spec — instruction-only plus a bundled Python script that uses only the Python standard library. Nothing is downloaded from external URLs by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. The code runs mvn/gradle from the provided project directory but does not attempt to read unrelated system files or environment secrets.
Persistence & Privilege
Skill is not always-enabled, does not request elevated or persistent platform privileges, and does not modify other skills or agent-wide configuration. Autonomous invocation remains possible (platform default) but is not combined with additional privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install jar-conflict-detector - After installation, invoke the skill by name or use
/jar-conflict-detector - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
This skill should be used when the user needs to detect JAR package conflicts,
version inconsistencies, or known incompatible dependency pairs in a Spring Boot
microservices project. Trigger phrases include: "检测 jar 包冲突", "依赖冲突分析",
"dependency conflict", "jar 版本冲突", "pom 依赖检查", "排查 NoSuchMethodError",
"Spring Boot 升级冲突", or any request involving Maven/Gradle dependency resolution
issues in a Java/Spring Boot project.
Metadata
Frequently Asked Questions
What is jar冲突检测器?
This skill should be used when the user needs to detect JAR package conflicts, version inconsistencies, or known incompatible dependency pairs in a Spring Bo... It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.
How do I install jar冲突检测器?
Run "/install jar-conflict-detector" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is jar冲突检测器 free?
Yes, jar冲突检测器 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does jar冲突检测器 support?
jar冲突检测器 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created jar冲突检测器?
It is built and maintained by yssNB (@yssnb); the current version is v1.0.0.
More Skills