适配器审计
adapter-audit
by allens0104
Use this skill to audit CLI adapter projects (like opencli) for missing output fields, then batch-generate fixes and submit PRs. Turns AI agents into adapter quality reviewers.
安装
claude skill add --url https://github.com/openclaw/skills文档
Adapter audit skill
Use this skill when you want to systematically audit and fix CLI adapter projects — for example, scanning all search adapters in opencli for missing url fields and batch-generating patches.
When to use
- auditing adapter output schemas for missing fields (url, timestamp, thumbnail, etc.)
- generating batch fixes across many adapters at once
- preparing multi-file PRs to upstream projects
- maintaining output consistency across a large adapter registry
Core workflow
1. Scan
Scan all adapters in the target project and classify each by:
- adapter type (YAML declarative vs TS/JS coded)
- which output fields are present
- which standard fields are missing
Standard fields to check:
url— direct link to the content itemtitle— content titleauthor— creator/author nametimestamp/date— publish or capture time
2. Classify fix type
For each missing field, determine the fix strategy:
| Situation | Fix strategy |
|---|---|
Field is computed internally but not in columns | Add to columns list |
Field is computed but stripped by a map step | Pass through the map step + add to columns |
| Field is not computed but can be constructed from existing data | Add construction logic + add to columns |
| Field requires external data not available in the API response | Skip or mark as "needs upstream API change" |
3. Fix
Apply fixes using the minimum change principle:
- For YAML adapters: add field to return object + map step + columns array
- For TS adapters: add field to return object + columns array
- Never change existing fields or behavior
- Only add new fields
4. Verify
After fixing, run the project's existing tests:
npm run build # ensure TS compiles
npm test # ensure nothing breaks
5. Submit
Create a single well-documented PR with:
- clear title describing the scope
- table showing before/after coverage
- per-adapter fix type classification
- risk assessment (should always be "additive only")
Proven example
This skill was used to audit opencli's 33 search adapters:
- Before: 22/33 (67%) had
urlin output - After: 32/33 (97%) had
urlin output - Fix types used: columns-only (3), map-passthrough (2), construct-from-data (4)
- Files changed: 9
- Lines changed: +17 / -10
- PR: merged within hours, all CI green
Output contract
The audit output should include:
- total adapters scanned
- per-adapter field coverage table
- fix strategy for each missing field
- list of files changed
- before/after coverage metrics
- risk classification
Key rules
- Never modify existing output fields — only add missing ones
- Prefer constructing URLs from existing API data over adding new API calls
- Skip fields that genuinely don't apply (e.g.,
urlfor dictionary word lookup) - Always verify the constructed URL format is correct for the platform
- Group all fixes into a single PR for easier review
Quick invocation template
Use /adapter-audit to scan all search adapters in this CLI project for missing url fields, fix them, and prepare a PR.
请用 /adapter-audit 扫描这个 CLI 项目里所有 search adapter 的缺失字段,批量修复并准备 PR。
相关 Skills
安全专家
by alirezarezvani
覆盖威胁建模、漏洞评估、安全架构设计、代码审计与渗透测试,内置 STRIDE、OWASP、加密模式和安全扫描流程,适合系统设计评审与上线前安全排查。
✎ 安全专家把威胁建模、漏洞分析到渗透测试串成一套流程,内置 STRIDE 与 OWASP 指南,做安全设计和排查更省心。
安全运营
by alirezarezvani
覆盖应用安全、漏洞管理与合规审计,支持代码/依赖扫描、CVE 评估、Secrets 检测和安全自动化,适合做安全基线落地、漏洞响应、审计检查与安全开发治理。
✎ 应用安全、漏洞管理和合规检查一套打通,还能自动化扫描与响应,帮团队更早发现并收敛风险。
安全审计
by alirezarezvani
安装前审计 Claude Code Skill 的代码执行、Prompt 注入和依赖供应链风险,支持本地目录或 Git 仓库扫描,输出 PASS/WARN/FAIL 结论及修复建议
✎ 把代码审查、漏洞扫描和合规检查串成一条线,帮团队更早发现风险,做安全治理更省心。
相关 MCP 服务
by Sentry
搜索和分析 Sentry 错误报告,辅助调试。
✎ 把零散的 Sentry 错误报告变成可检索线索,帮你在海量报错里更快定位线上故障,排障调试明显省时。
by sinewaveai
为 AI agents 提供安全层:拦截 prompt injection、识别伪造 packages,并扫描漏洞风险。
✎ 给 AI Agent 补上关键安全层,能拦截 prompt 注入、识别伪造包并扫描漏洞风险,把防护前置更省心。
by pantheon-security
强化安全性的 NotebookLM MCP,集成 post-quantum encryption,提升数据防护能力。