ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Code Reputation

v1.0.1

Semantic code caching for AI agents. Cache, retrieve, and reuse code from prior agent executions.

0· 765·0 current·0 all-time
by@ryx2·duplicate of @ryx2/code-cache
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (semantic code caching) aligns with the implementation and declared requirement. The skill calls a Raysurfer client, exposes search/files/upload/vote commands, and declares RAYSURFER_API_KEY as the required credential — all of which are expected for a remote code-cache integration.
Instruction Scope
SKILL.md and the CLI instruct the agent/user to retrieve, write, and upload code files. The skill writes retrieved files to a cache directory and reads local files you specify when uploading. This is expected for the feature, but it means user files (including any embedded secrets) will be transmitted to Raysurfer when you run upload — the instructions do not attempt to read arbitrary system files without user-specified paths.
Install Mechanism
There is no install spec; the skill is instruction-only and ships a Python CLI that depends on the public 'raysurfer' package. No external downloads or obscure URLs are used. The only install requirement is a standard Python package (raysurfer), which is proportional to the declared functionality.
Credentials
Only a single environment variable (RAYSURFER_API_KEY) is required and is the declared primary credential — this matches the skill's purpose. Be aware that this key grants access to the external Raysurfer account, and any code contents you upload will be accessible to that service. Do not store secrets or credentials inside code you plan to upload.
Persistence & Privilege
The skill does not request 'always: true' or any elevated platform privileges. It doesn't attempt to change other skills' configs. Normal autonomous invocation is allowed (disable-model-invocation is false) which is expected for skills; nothing else requests persistent system-level privileges.
Assessment
This skill does what it says: it sends and retrieves code to/from Raysurfer using the RAYSURFER_API_KEY. Before installing or using it: (1) Only provide the RAYSURFER_API_KEY if you trust the Raysurfer service and the account scope matches what you intend. (2) Never upload files that contain secrets (API keys, passwords, private keys) or PII — uploaded files are sent to the external service for caching. (3) When using retrieved code, review it before executing in your environment; cached snippets could contain unsafe operations. (4) The Python 'raysurfer' package is required — install it from PyPI and inspect its code if you have concerns. If you need stronger guarantees, ask for a version that supports client-side redaction or explicit filtering of sensitive content before upload.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🏄 Clawdis
EnvRAYSURFER_API_KEY
Primary envRAYSURFER_API_KEY
latestvk971qxts3fcs3js887s0v3nfj1810e7v
765downloads
0stars
2versions
Updated 8h ago
v1.0.1
MIT-0
@ryx2
latest
Download

Code Cache - Semantic Code Caching for AI Agents

This skill enables semantic code caching via the Raysurfer API.

What It Does

When your agent generates and executes code, Code Cache stores it. When a similar task comes up later, the agent can retrieve and run the cached code instead of regenerating it—saving time and tokens.

Setup

Get your API key from the Raysurfer dashboard and configure it:

# Via environment variable
export RAYSURFER_API_KEY=your_api_key_here

# Or via OpenClaw config
openclaw config set skills.entries.code-cache.apiKey "your_api_key_here"

Available Commands

Search for cached code

/code-cache search <task description> [--top-k N] [--min-score FLOAT] [--show-code]

Search for cached code snippets that match a natural language task description.

Options:

  • --top-k N — Maximum number of results (default: 5)
  • --min-score FLOAT — Minimum verdict score filter (default: 0.3)
  • --show-code — Display the source code of the top match

Example:

/code-cache search "Generate a quarterly revenue report"
/code-cache search "Fetch GitHub trending repos" --top-k 3 --show-code

Get code files for a task

/code-cache files <task description> [--top-k N] [--cache-dir DIR]

Retrieve code files ready for execution, with a pre-formatted prompt addition for your LLM.

Options:

  • --top-k N — Maximum number of files (default: 5)
  • --cache-dir DIR — Output directory (default: .code_cache)

Example:

/code-cache files "Fetch GitHub trending repos"
/code-cache files "Build a chart" --cache-dir ./cached_code

Upload code to cache

/code-cache upload <task> --files <path> [<path>...] [--failed] [--no-auto-vote]

Upload code from an execution to the cache for future reuse.

Options:

  • --files, -f — Files to upload (required, can specify multiple)
  • --failed — Mark the execution as failed (default: succeeded)
  • --no-auto-vote — Disable automatic voting on stored code blocks

Example:

/code-cache upload "Build a chart" --files chart.py
/code-cache upload "Data pipeline" -f extract.py transform.py load.py
/code-cache upload "Failed attempt" --files broken.py --failed

Vote on cached code

/code-cache vote <code_block_id> [--up|--down] [--task TEXT] [--name TEXT] [--description TEXT]

Vote on whether cached code was useful. This improves retrieval quality over time.

Options:

  • --up — Upvote / thumbs up (default)
  • --down — Downvote / thumbs down
  • --task — Original task description (optional)
  • --name — Code block name (optional)
  • --description — Code block description (optional)

Example:

/code-cache vote abc123 --up
/code-cache vote xyz789 --down --task "Generate report"

How It Works

  1. Cache Hit: When you ask for code similar to something previously executed, Code Cache returns the cached version instantly
  2. Cache Miss: When no match exists, your agent generates code normally, then Code Cache stores it for future use
  3. Verdict Scoring: Code that works gets 👍, code that fails gets 👎—retrieval improves over time

API Reference

The skill wraps these Raysurfer API methods:

MethodDescription
search(task, top_k, min_verdict_score)Unified search for cached code snippets
get_code_files(task, top_k, cache_dir)Get code files ready for sandbox execution
upload_new_code_snips(task, files_written, succeeded, auto_vote)Store new code after execution
vote_code_snip(task, code_block_id, code_block_name, code_block_description, succeeded)Vote on snippet usefulness

Why Code Caching?

LLM agents repeat the same patterns constantly. Instead of regenerating code every time:

  • 30x faster: Retrieve proven code instead of waiting for generation
  • Lower costs: Reduce token usage by reusing cached solutions
  • Higher quality: Cached code has been validated and voted on
  • Consistent output: Same task = same proven solution

Learn more at raysurfer.com or read the documentation.

Comments

Loading comments...