Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Code Runner Local

v1.0.0

Run code snippets in 30+ programming languages including JavaScript, Python, TypeScript, Java, C, C++, Go, Rust, Ruby, PHP, and more. Use when the user wants...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)

Purpose & Capability
The name/description (run code in many languages) matches the included script and instructions. The skill only relies on local interpreters/compilers (described in LANGUAGES.md) and does not request unrelated services or credentials.
Instruction Scope
The SKILL.md correctly instructs the agent to send code via stdin or CLI args to the included Node script, and describes expected outputs and security cautions. The instructions and code explicitly write temporary files to the system temp directory and spawn compilers/interpreters, which is expected for this purpose. Note: the runtime script will execute whatever code is provided (including filesystem/network/system commands) — that is inherent to the skill and is a security risk for untrusted input. Also the script has a minor bug/oddity (see user guidance) and does not implement strong sandboxing or resource isolation.
Install Mechanism
There is no external install spec and the package is instruction-only with a single local Node script; no remote downloads or archives are fetched during install. This is low-risk from an installation standpoint.
Credentials
The skill does not request environment variables, credentials, or config paths. It uses process.platform and standard Node APIs only; no secret access is required or requested.
Persistence & Privilege
The skill is user-invocable and not always-enabled. It does not try to persist credentials or modify other skills. It creates temporary files in the system temp directory during execution, which is expected but means the executed code runs with the agent's host privileges.
Assessment
This skill appears to do what it claims, but it executes code on the host — treat it like running programs locally. Before installing/using:

  1. Do not run untrusted code. Review snippets before execution or run the skill inside an isolated sandbox/container or VM.
  2. Ensure interpreters/compilers you expect are installed and kept up to date.
  3. Be aware temp files and compiled binaries are written to the system temp directory (shared with other processes); sensitive data in code could be recoverable.
  4. The included script uses child_process.exec and spawns compilers/interpreters (normal for this tool) and sets a 30s default timeout; long-running or resource-heavy code may be killed or may consume host resources — consider stricter time/resource limits if needed.
  5. Implementation notes for reviewers: the script contains a minor bug where outputFile uses Date.now without invoking it (Date.now instead of Date.now()), which may lead to odd filenames; cleanup attempts are limited to files created by the script and may not cover all side-effects of executed code.

If you need safer execution of untrusted code, run the skill only inside a dedicated sandbox with network and filesystem restrictions.

scripts/run-code.cjs:140
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.


SKILL.md

Code Runner Skill

This skill enables you to run code snippets in multiple programming languages directly from the command line.

When to Use This Skill

Use this skill when:

  • The user wants to run or execute a code snippet
  • Testing algorithm implementations or logic
  • Verifying expected output of code
  • Running quick scripts or one-liners
  • Checking syntax or runtime behavior
  • Demonstrating code functionality

Supported Languages

The following languages are supported (requires the interpreter/compiler to be installed):

Language      Command                 File Extension
JavaScript    node                    .js
TypeScript    ts-node                 .ts
Python        python                  .py
Java          java (compile & run)    .java
C             gcc (compile & run)     .c
C++           g++ (compile & run)     .cpp
Go            go run                  .go
Rust          rustc (compile & run)   .rs
Ruby          ruby                    .rb
PHP           php                     .php
Perl          perl                    .pl
Lua           lua                     .lua
R             Rscript                 .r
Swift         swift                   .swift
Kotlin        kotlin                  .kts
Scala         scala                   .scala
Groovy        groovy                  .groovy
Dart          dart                    .dart
Julia         julia                   .jl
Haskell       runhaskell              .hs
Clojure       clojure                 .clj
F#            dotnet fsi              .fsx
C#            dotnet script           .csx
PowerShell    pwsh                    .ps1
Bash          bash                    .sh
Batch         cmd /c                  .bat
CoffeeScript  coffee                  .coffee
Crystal       crystal                 .cr
Elixir        elixir                  .exs
Nim           nim compile --run       .nim
OCaml         ocaml                   .ml
Racket        racket                  .rkt
Scheme        scheme                  .scm
Lisp          sbcl --script           .lisp

See references/LANGUAGES.md for detailed language configuration.

How to Run Code

Step 1: Identify the Language

Determine the programming language from:

  • User's explicit request (e.g., "run this Python code")
  • File extension if provided
  • Code syntax patterns

Step 2: Execute Using the Runner Script

⚠️ Important for AI Agents: Use stdin to avoid escaping issues with quotes, backslashes, and special characters.

Recommended Method (stdin):

echo "<code>" | node scripts/run-code.cjs <languageId>

Alternative Method (CLI argument - for simple code only):

node scripts/run-code.cjs <languageId> "<code>"

Example - JavaScript:

echo "console.log('Hello, World!')" | node scripts/run-code.cjs javascript

Example - Python:

echo "print('Hello, World!')" | node scripts/run-code.cjs python

Example - Java (multi-line):

echo "public class Test {
    public static void main(String[] args) {
        System.out.println(\"Hello from Java!\");
    }
}" | node scripts/run-code.cjs java

Example - Multi-line code from variable:

# In bash
CODE='import math
print("Pi:", math.pi)
print("Result:", math.factorial(5))'
echo "$CODE" | node scripts/run-code.cjs python

# In PowerShell (inline here-string)
@"
import math
print("Pi:", math.pi)
print("Result:", math.factorial(5))
"@ | node scripts/run-code.cjs python

Step 3: Return Results

  • Show the output (stdout) to the user
  • If there are errors (stderr), explain what went wrong
  • Suggest fixes for common errors

Platform Notes

Windows

  • Use cmd /c for batch scripts
  • PowerShell scripts require pwsh or powershell
  • Path separators use backslash \

macOS / Linux

  • Bash scripts work natively
  • Swift available on macOS
  • Use #!/usr/bin/env shebang for portable scripts

Error Handling

Common issues and solutions:

  1. Command not found: The language interpreter is not installed or not in PATH

    • Suggest installing the required runtime
    • Provide installation instructions
  2. Syntax errors: Code has syntax issues

    • Show the error message
    • Point to the line number if available
  3. Runtime errors: Code runs but fails during execution

    • Display the stack trace
    • Explain the error type
  4. Timeout: Code takes too long (default: 30 seconds)

    • Warn about infinite loops
    • Suggest optimizations

Security Considerations

⚠️ Important: Running arbitrary code can be dangerous. Always:

  1. Review the code before execution
  2. Be cautious with code that:
    • Accesses the file system
    • Makes network requests
    • Executes system commands
    • Modifies environment variables
  3. Consider running in a sandboxed environment for untrusted code
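
The scan assessment above points at three host-side weaknesses: files in the shared temp directory, execution through child_process.exec, and a filename built from an uninvoked Date.now. The following is an added example, not code from the skill or its author, showing one way to narrow those points in Node; runSnippet, tempName and workDir are hypothetical names, and it reduces exposure without sandboxing the snippet.

```javascript
// Added example; not the skill's run-code.cjs. All names here are hypothetical.
const { spawnSync } = require('child_process');
const fs = require('fs');
const os = require('os');
const path = require('path');

// Effect of the bug the assessment describes: an uninvoked Date.now is
// stringified as the function's source text instead of a timestamp.
function tempName(invoke) {
  return `temp_${invoke ? Date.now() : Date.now}`;
}

// Run a snippet with the interpreter passed as argv, never as a shell string.
function runSnippet(code, opts = {}) {
  const { command = process.execPath, args = [], ext = '.js', timeoutMs = 5000 } = opts;
  // mkdtemp gives a uniquely named directory (mode 0700 on POSIX), so other
  // local users cannot read the snippet or pre-create its path.
  const workDir = fs.mkdtempSync(path.join(os.tmpdir(), 'runner-'));
  try {
    const file = path.join(workDir, `snippet${ext}`);
    fs.writeFileSync(file, code, { mode: 0o600 });
    const res = spawnSync(command, [...args, file], {
      cwd: workDir,                      // relative writes land in the private dir
      env: { PATH: process.env.PATH },   // do not hand the agent's secrets to the snippet
      timeout: timeoutMs,                // hard wall-clock limit
      killSignal: 'SIGKILL',             // cannot be trapped by the snippet
      maxBuffer: 1024 * 1024,            // cap captured output at 1 MiB
      encoding: 'utf8',
      shell: false,                      // no shell metacharacter interpretation
    });
    return {
      stdout: res.stdout || '',
      stderr: res.stderr || '',
      status: res.status,
      timedOut: Boolean(res.error && res.error.code === 'ETIMEDOUT'),
      workDir,
    };
  } finally {
    // Removes everything the run left in workDir, including compiled outputs.
    fs.rmSync(workDir, { recursive: true, force: true });
  }
}
```

The snippet still runs with the caller's user privileges and network access; restricting those needs a container, VM or OS-level sandbox around the whole runner.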

Examples

Example 1: Run a JavaScript calculation

echo "console.log(Array.from({length: 10}, (_, i) => i * i))" | node scripts/run-code.cjs javascript

Output: [0, 1, 4, 9, 16, 25, 36, 49, 64, 81]

Example 2: Run Python with imports

echo "import math; print(math.factorial(10))" | node scripts/run-code.cjs python

Output: 3628800

Example 3: Test a Go function

echo 'package main; import "fmt"; func main() { fmt.Println("Hello from Go!") }' | node scripts/run-code.cjs go

Output: Hello from Go!

Files

4 total