ClawHub

Skill Gap Finder

v1.0.0

扫描现有 Skill 套装,找重复、缺口、职责冲突和最该补的空位。;use for skills, bundle, analysis workflows;do not use for 臆造目录内容, 直接删除 skill.

0· 88·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, resources/spec.json, README and scripts/run.py all align: this is a directory-audit tool that reads a skills root and produces a structured Markdown report. The only declared runtime dependency is python3, which is appropriate for the included Python script.
Instruction Scope
SKILL.md instructs either running the included script or using the local template/spec to produce reports. The runtime script reads files under the supplied directory (many text/code file extensions) and emits summaries/snippets. This is expected, but users should be aware the tool will read repository files and may include filenames, headings, and short text snippets in the report.
Install Mechanism
No install spec; this is instruction-only plus a local script. No packages are downloaded and no archive extraction occurs. Risk from install mechanism is low.
Credentials
No environment variables, credentials, or external config paths are required. The script does scan file contents for patterns (including secret-like regexes) and will include findings in reports; that behavior is consistent with an audit tool but means you should not point it at directories containing unredacted secrets or private data unless you intend such scanning.
Persistence & Privilege
always:false and no special persistence was requested. The script can write an output file if a path is provided (normal behavior). The skill does not modify other skills' configs or request elevated privileges.
Assessment
This skill appears to do what it says: a local, read-only audit of a skills directory driven by resources/spec.json and resources/template.md. Before running it, (1) inspect scripts/run.py locally (already included) and run the smoke test; (2) avoid pointing it at directories that contain unredacted secrets or PII because the report can include file listings, headings and pattern matches; (3) run with --dry-run first and specify an explicit output path to avoid accidental overwrites; (4) if you plan to allow autonomous agent invocation, be comfortable with the agent being able to run a local script that reads files in any directory you pass to the skill. Overall this is internally coherent and low-risk, but treat scanned inputs as potentially sensitive.

Like a lobster shell, security has layers — review code before you run it.

latestvk977w5kqre64fhdy2rbsvfrmah8390bc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧭 Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments