ClawHub

code-complexity-analyzer

v1.0.0

Measure cyclomatic complexity, cognitive complexity, and structural metrics for Python, JavaScript/TypeScript, and Go code. Use when analyzing code quality,...

0· 0·0 current·0 all-time
by@charlie-morrison
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (measure complexity for Python/JS/TS/Go) matches the included SKILL.md and the analyzer script: it scans source files, reports per-function metrics, and exposes CLI options. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs running the included Python script against source dirs/files and to choose output formats and thresholds. The instructions and script operate on local files only and do not instruct reading unrelated system state or transmitting results to external endpoints.
Install Mechanism
No install spec; skill is instruction-only with one bundled Python script. This is low-risk provided the script is reviewed before execution.
Credentials
Requires no environment variables, credentials, or special config paths. The script reads source files and directory contents only, which is proportionate to the stated purpose.
Persistence & Privilege
Skill does not request persistent presence, special agent privileges, or modifications to other skills; it is user-invocable and not always-enabled.
Assessment
The skill appears coherent: it bundles a pure-Python analyzer and SKILL.md that tells you how to run it locally. Before running it on sensitive systems, (1) review the full script (especially any parts not shown to you) to confirm there are no network calls or shell executions; (2) run it in a sandbox or ephemeral environment (container or VM) the first time; (3) avoid running it against private/credential-containing directories unless you trust the code; and (4) if you need stronger assurance, request the full, untruncated source for review or run static checks (grep for 'socket', 'requests', 'subprocess', 'os.system', 'exec', 'eval') to detect unexpected network or execution behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ejpbfsrdc8ve6v6hbbazg3984nxzg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments