ClawHub

Test And Fix

v1.0.0

执行项目校验命令(lint、type-check、test、build),分析失败原因,安全修复问题,并将总结报告保存为 Markdown 文件。当用户要求检查、验证、测试代码改动时自动激活。

0· 86·0 current·0 all-time
byBovin Phang@bovinphang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the runtime instructions: identify available commands (package.json or docs), run lint/type-check/tests/build, analyze failures, apply minimal fixes, and save a Markdown report. It doesn't request unrelated binaries, credentials, or installs.
Instruction Scope
SKILL.md directs the agent to read package.json, run project checks, modify project files to fix issues, and create a reports/ Markdown file via a 'Write' tool. This stays within the stated purpose, but it grants the agent broad discretion to edit source files (no explicit constraints like 'make edits in a branch' or 'open a PR'). The doc also doesn't mention handling tests that require external services or secrets (databases, API keys), which may come up at runtime.
Install Mechanism
No install spec and no code files — instruction-only skill. No downloads or package installs are requested.
Credentials
The skill declares no environment variables or credentials, which is proportional to its stated task. Be aware that running tests or builds in some projects may require environment variables or service credentials at runtime; the instructions do not request or document those, so the agent may need to prompt for them.
Persistence & Privilege
always is false and nothing requests permanent platform-level privileges. The skill writes report files to the project (reports/), which is appropriate for its function; it does not modify other skills or system-wide configuration.
Assessment
This skill is internally consistent for running checks and making small fixes, but it will modify repository files and create a report in reports/. Before enabling or running it: (1) ensure the agent's write/commit rights are what you expect — prefer a dedicated branch or sandbox so changes can be reviewed; (2) have backups or use a code review/PR workflow so changes are not pushed blindly; (3) be prepared that running tests/builds may require environment variables, secrets, or external services — do not provide sensitive credentials unless you trust the agent and review requests; (4) confirm what the platform 'Write' tool does (where files are saved and whether changes are committed); and (5) if you want stricter control, instruct the agent to open a patch/PR rather than directly committing changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk9724jatz39ycng0eh5pvs7ttn83y8g4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments