Trae Ide
v1.0.1Trae AI IDE 助手,精通字节跳动 AI 编程工具、Builder 模式、多模型切换、中文优化
⭐ 0· 127·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Trae IDE assistant) match the SKILL.md content: the file describes Builder/Chat/Inline-edit modes, multi-model switching, and VS Code compatibility. The skill does not request unrelated binaries, credentials, or config paths, so required artifacts are proportionate to the claimed purpose.
Instruction Scope
The SKILL.md is an operational instruction set for assistant behavior rather than executable code. It explicitly states capabilities such as '自动执行终端命令' (automatically execute terminal commands) and multi-file edits and '实时展示修改 diff' — these are expected for an IDE assistant but are somewhat open-ended. The instructions do not tell the agent to read unexpected system files or exfiltrate data, but the phrasing grants broad discretion to run terminal commands and modify files, so runtime policies controlling destructive commands and file access are advisable.
Install Mechanism
No install spec, no code files, and no downloads — the skill is instruction-only, which minimizes on-disk risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. It does reference multiple models (Claude Sonnet 4, GPT-4o, Doubao) in descriptive text but does not request API keys or tokens, so there is no unexplained credential demand.
Persistence & Privilege
always is false and there is no mechanism that writes persistent configuration or gains elevated system presence. The skill can be invoked autonomously by the agent (platform default), which is normal and not by itself a risk.
Assessment
This skill is an instruction-only assistant and does not ask for secrets or install software, so it is internally coherent. Before using it: (1) be cautious when allowing any assistant to run terminal commands — restrict or review commands that modify or delete files; (2) don't assume the skill actually grants free access to paid/high-end models (those typically require API keys or subscriptions); (3) if you plan to let the agent edit multiple files, review diffs before applying changes; and (4) if you need stronger guarantees, request an explicit policy in the agent that forbids destructive shell commands or exfiltration.Like a lobster shell, security has layers — review code before you run it.
latestvk97d281j88yx0jn6dxyhh5sqhn83cbtd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.