Cca Domain3

v1.0.0

CCA 领域3：Claude Code配置与工作流（20%权重）。当用户说"学domain3"、"Claude Code配置"、"CLAUDE.md"、"cca-domain3"时使用。

⭐ 0· 104·0 current·1 all-time

by@sawzhang

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description describe Claude Code configuration and workflows and the SKILL.md content sticks to that domain (CLAUDE.md layering, commands, rules, CI integration). There are no unexpected required binaries or environment variables.

✓

Instruction Scope

Runtime instructions focus on creating/organizing CLAUDE.md, commands, skills, .claude/rules files, and CI flags. The guidance references user/home and project paths (e.g., ~/.claude, .claude/) which is appropriate for a configuration tutorial. It does not instruct reading arbitrary system secrets or exfiltrating data.

✓

Install Mechanism

No install spec and no code files — instruction-only skill with the lowest install risk.

ℹ

Credentials

The skill declares no required env vars, but the exercises mention configuring an MCP server and 'environment variable expansion' in .mcp.json and integrating into CI. This is reasonable for the topic, but users should be mindful not to commit secrets into project files or expose sensitive env values in CI output.

✓

Persistence & Privilege

always:false and no persistent/install-time modifications are requested. The skill does not require forced inclusion or elevated agent privileges.

Assessment

This skill is an educational guide and appears coherent and low-risk. Before applying its steps in a real repo: (1) review any CLAUDE.md or .claude/ files you add — avoid committing secrets; (2) when configuring .mcp.json or CI, ensure environment variables are managed securely (use CI secret storage, not plaintext files); (3) when authoring project-level skills/commands, restrict allowed-tools and use context: fork to limit side effects; (4) if you plan to follow the CI examples, avoid printing secrets with --output-format or in logs. If you want, I can review specific CLAUDE.md/.mcp.json snippets to point out any sensitive patterns.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eqpd1femtzdkt4x6j4dh8gn83gmc1

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Cca Domain3

License

Comments