围棋棋谱数据库
v1.0.1weiqi-db 围棋棋谱数据库 - 本地棋谱管理工具,支持SGF导入、元数据编辑、标签管理、全文搜索。数据存储于单个JSON文件,AI友好的JSON接口设计。
⭐ 0· 81·0 current·0 all-time
bytokener@zhangbin2025
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (local SGF DB, import/search/tagging) align with what the code and SKILL.md request and implement: TinyDB JSON storage in the user's home (~/.weiqi-db/database.json), SGF import, metadata parsing, search and tag commands.
Instruction Scope
SKILL.md instructs only local file operations (init, add, query, tag, delete). The code reads SGF files and writes to ~/.weiqi-db/database.json as documented. Be aware the tool will read any file paths you pass to 'add' (or all .sgf files in a directory), so you should not point it at sensitive directories. The SKILL.md claims no network I/O; the visible code contains no network calls.
Install Mechanism
No install spec in registry; dependency is tinydb (requirements.txt). Installing via 'pip install tinydb' is proportional and expected. There are no downloads from arbitrary URLs or archive extraction steps in the package metadata.
Credentials
No environment variables, credentials, or external config paths are requested. The code uses the user's home directory for storage, which matches the stated purpose.
Persistence & Privilege
Skill is user-invocable and not forced-always. It stores data under ~/.weiqi-db only and does not attempt to modify other skills or global agent settings.
Assessment
This skill appears to be a local-only SGF database and does not request credentials or perform network activity. Before installing/run: 1) Inspect the full scripts/db.py (the bundle included a truncated view here) to confirm no hidden network or subprocess calls; 2) Only add SGF files or directories you trust — the tool will read any files you point it at; 3) Install the dependency (tinydb) in a virtualenv if you want isolation; 4) Note the source code shows duplicated/overlapping functions (two find_conflicts definitions and an unused similarity-hash function) which look like coding bugs — this may produce unexpected behavior when detecting conflicts, so expect some rough edges and consider testing on a small dataset first; 5) Run as a normal user (not root) and keep backups of any important data before bulk operations.Like a lobster shell, security has layers — review code before you run it.
latestvk97fn00enfeq8d4edq54dr4pyd83q7zh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.