ClawHub

Revibe Codes

v1.0.6

Analyze any codebase — architecture, patterns, diagrams, agent context. Understand repos in minutes, not hours.

0· 153·0 current·0 all-time
by@selvatuple
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description match the behavior: the skill sends a GitHub URL to revibe.codes for analysis and returns structured results. One mismatch to be aware of: the skill claims to handle "any" codebase but does not request GitHub credentials or explain how private repositories are handled — it only sends a public GitHub URL, so private repos may not be analyzable unless the backend has separate access.
Instruction Scope
Instructions are specific and scoped to determining a GitHub URL (from message or local git remote), POSTing that URL to revibe's API, polling status, downloading summaries, and saving agent_context.json to the current directory. This involves transmitting the repository URL (and per the privacy note, revibe may clone/store source) to an external service — expected for this purpose but a privacy consideration. The skill reads local git remote configuration and writes agent_context.json; it does not request other unrelated files or credentials.
Install Mechanism
This is an instruction-only skill with no install steps or files to write. Required binaries (curl, jq, git) are reasonable and proportional to the described HTTP/polling and git-URL extraction behavior.
Credentials
Only REVIBE_API_KEY is required (sent as X-Revibe-Key) which matches the external service integration. No unrelated secrets or system config paths are requested. Consider that private-repo analysis may require additional credentials (none are declared), so the skill's claim of analyzing any repo may be limited for private repos.
Persistence & Privilege
The skill saves agent_context.json into the current directory (explicitly stated). always:false and normal invocation settings are used. The skill does persist data locally (agent_context.json) and relies on revibe's backend storing analysis data; this is expected for the stated functionality.
Assessment
This skill appears to do what it says: it extracts a GitHub URL (from your message or local git remote), sends it to revibe.codes, polls for results, and saves a local agent_context.json. Before installing or using it, consider: 1) Privacy: revibe.codes will receive your repository URL and (per their note) may store/cloned source in cloud storage — do not use with private or sensitive code unless you’ve reviewed their privacy/security docs. 2) Private repos: the skill does not request GitHub credentials, so it likely cannot analyze private repos unless you separately grant revibe access; ask the vendor how to handle private projects. 3) API key handling: create a scoped or disposable REVIBE_API_KEY and rotate/delete it if no longer needed. 4) Local write: agent_context.json will be written to the current directory and may contain structured project data — treat it as potentially sensitive. If you need offline/local-only analysis, prefer a local tool instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk973wx9x73xakm23j7gdc9ykch83kx11

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl, jq, git
EnvREVIBE_API_KEY
Primary envREVIBE_API_KEY

Comments