Zustand Patterns
v1.0.0Zustand 状态管理实战模式。涵盖 Store 设计规范、Slice 工厂复用、persist 持久化、可恢复任务持久化、Electron IPC 联动、Store 测试和常见陷阱。适用于 React + Zustand 项目。
⭐ 0· 384·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Zustand patterns for React + Electron) matches the SKILL.md content. There are no unexpected env vars, binaries, or install steps requested — everything in the instructions is about store design, slices, persist, recovery, Electron IPC, and testing.
Instruction Scope
The SKILL.md stays on-topic and provides code examples for persist, recoverable tasks, and Electron IPC storage adapters. One area to pay attention to: the examples use ipcRenderer.invoke('store:get'|'store:set'|'store:remove') (i.e., IPC channels). That assumes corresponding main-process handlers exist and are implemented securely; storing or restoring task state on rehydrate may trigger application behavior (like resuming polling) and thus should be reviewed before use. The instructions do not ask to read arbitrary host files or exfiltrate secrets.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is downloaded or written to disk by the skill package itself.
Credentials
No environment variables, credentials, or config paths are requested. The examples mention storing preferences but explicitly advise not to persist runtime-only state.
Persistence & Privilege
The skill does not request persistent/autonomous privileges (always:false) and does not modify other skills or system-wide settings; it only offers coding guidance for application-level persistence patterns.
Assessment
This skill is a set of coding patterns and appears coherent with its stated purpose. Before adopting the code in your app: (1) review and implement Electron main-process IPC handlers securely — IPC channels can expose stored data to the main process; (2) avoid persisting secrets or sensitive credentials (use partialize or encryption if needed); (3) review onRehydrate/recovery logic so it does not automatically perform network actions or re-submit tasks without user consent; (4) add unit/integration tests for rehydration and migration paths. Because the skill is instruction-only, installing it does not add binaries, but copying the provided code into your project is where you should do a security review.Like a lobster shell, security has layers — review code before you run it.
latestvk9790gng9dc4zxer6cc4apbtxn823tg9
License
MIT-0
Free to use, modify, and redistribute. No attribution required.