LSP Python

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with auto-fix on a broad directory, many source files may be rewritten.

Why it was flagged

The batch checker can recurse through a directory and, when auto-fix is selected, run in-place formatting/import-cleanup tools on the discovered Python files.

Skill content
elif p.is_dir():
    py_files.extend([str(f) for f in p.rglob('*.py')])
...
subprocess.run(
    ['autoflake', '--remove-all-unused-imports', '--in-place', filepath],
Recommendation

Run auto-fix only on intended project folders, review diffs afterward, and keep backups or version control.

What this means

The installed local pylsp and its plugins will process the files you ask the skill to analyze.

Why it was flagged

The skill starts the local pylsp executable as part of its normal LSP workflow.

Skill content
pylsp = subprocess.Popen(
    ["pylsp"],
    stdin=subprocess.PIPE,
    stdout=subprocess.PIPE,
    stderr=subprocess.PIPE,
Recommendation

Use a trusted Python environment or virtual environment for pylsp and install only plugins you trust.

What this means

Dependency behavior depends on what versions are installed in the user's environment.

Why it was flagged

The setup instructions rely on external PyPI packages without pinned versions.

Skill content
- **pylsp**: `pip install python-lsp-server`
- **Optional plugins**:
  - `pip install python-lsp-server[all]`
  - `pip install pylsp-mypy`
  - `pip install pylsp-black`
Recommendation

Install dependencies from trusted sources, preferably in a virtual environment, and pin versions for reproducible use.