Agent审查
- 作者仓库星标 883
- 作者更新于 实时读取
- 作者仓库 stencila
- 领域
- 安全
- 兼容 Agent
-
- Claude Code
- Cursor
- Cline
- Codex
- Windsurf
- Gemini CLI
- +20
- 信任分
- 88 / 100 · 社区维护
- 作者 / 版本 / 许可
- @stencila · 未声明 license
- Token 消耗评级
- 低消耗
- 接入复杂程度
- 需简单配置
- 是否需要外部 API Key
- 不需要
- 兼容的系统
- macOS · Linux · Windows
- 底层运行要求
- Node.js
- 文件与系统权限
-
- 只读
- 允许写入 / 修改
- Shell 执行
- 网络行为
- 仅限本地
- 安装命令数
- 26 条
档案由构建时根据 SKILL.md 与安装命令自动衍生,可能与作者实际意图存在差异。
需要注意: 未限定 allowed-tools,默认拥有全部工具权限。
---
name: skill-review
description: Critically review a workspace skill and suggest improvements. Use when asked to review, audit, c…
category: 安全
runtime: Node.js
---
# skill-review 输出预览
## PART A: 任务判断
- 适用问题:安全审计、密钥扫描、权限检查或风险分析。
- 输入要求:目标材料、限制条件、期望输出和验收方式。
- 证据边界:围绕“Overview / Steps / Review Checklist”读取原文规则,不把推断写成作者承诺。
## PART B: 执行结果
- **01** 任务判断:确认你的需求是否属于安全审计、密钥扫描、权限检查或风险分析,并标出输入、限制和预期结果。
- **02** 执行计划:优先按“Overview / Steps / Review Checklist”拆成步骤,说明每一步会读取什么、修改什么、产出什么。
- **03** 交付结果:给出可复制的命令、文件改动、检查清单或内容草稿,并说明如何继续迭代。
- **04** 风险边界:结合 读取文件、写入/修改文件、执行终端命令、主要在本地完成、通常不需要额外 API Key 给出执行前确认项。
## Running Rules
- 读取文件、写入/修改文件、执行终端命令;主要在本地完成;通常不需要额外 API Key。
- 先小样例验证,再放大到真实任务。
- 交付时同时给结果、检查口径和下一步迭代建议。 原文没有稳定的斜杠命令要求。安装验证后通常全局生效,直接在对话里点名这个 Skill 并描述任务即可。
告诉 Agent 目标文件或材料、期望结果、不可改范围、是否允许联网或执行命令。本 Skill 的权限画像是:读取文件、写入/修改文件、执行终端命令。
先用一个小任务确认它会围绕“Overview / Steps / Review Checklist”工作;涉及文件或命令时,先看 diff、日志、预览或测试结果。
检查最终产物是否包含明确结果、必要证据和下一步动作;如果输出泛泛而谈,就补充输入、边界和验收标准后重跑。
---
name: skill-review
description: Critically review a workspace skill and suggest improvements. Use when asked to review, audit, c…
category: 安全
source: stencila/stencila
---
# skill-review
## 什么时候使用
- 用于审阅代码、文档或方案并给出可执行反馈 适合处理安全审计、密钥扫描、权限检查和风险分析,核心价值是把输入、判断、执行、验证和交付边界固定下来,避免 Agent 泛泛回答。 把任务拆成可执行、可检查、可继续迭代的步骤;通常不需要额外 A…
- 面向安全审计、密钥扫描、权限检查或风险分析,优先处理能明确输入、步骤和验收标准的工作。
## 需要提供什么
- 目标材料、目录范围、期望结果和不可改动内容。
- 是否允许联网、执行命令、读写文件或调用外部服务。
## 执行规则
- 围绕「Overview / Steps / Review Checklist」组织步骤,不把推断写成作者事实。
- 读取文件、写入/修改文件、执行终端命令;主要在本地完成;通常不需要额外 API Key。
- 先跑小样例,确认结果可检查后再扩大任务范围。
## 输出要求
- 给出最终产物、关键证据、验证方式和下一步动作。
- 信息不足时标记 unknown,不编造命令、平台或依赖。 作者原文负责流程事实;仓库文件负责来源和命令;流狐只补充适用场景、限制和质量判断。
skill "skill-review" {
输入层 -> 用户目标 + 目标文件 + 禁止范围 + 验收标准
上下文层 -> Overview / Steps / Review Checklist
规则层 -> SKILL.md 触发条件 / 执行顺序 / 输出格式
运行层 -> Node.js | 读取文件、写入/修改文件、执行终端命令 | 主要在本地完成
安全层 -> 通常不需要额外 API Key + 小任务验证 + diff / 日志复核
输出层 -> 可复制结果 + 检查清单 + 下一步迭代
} Overview
Review an existing workspace skill for quality, correctness, completeness, and self-containment. Produce a structured report with specific, actionable suggestions for improvement. The review covers frontmatter fields, instruction clarity, step structure, examples, edge cases, adherence to the Agent Skills Specification, and whether the skill avoids depending on files outside its own directory.
Steps
- Identify the skill to review from the user's request — accept a skill name, a directory path, or a
SKILL.mdfile path - Resolve the skill file: if given a name, look for
.stencila/skills/<name>/SKILL.mdwalking up from the current directory; if given a path, use it directly - Read the full
SKILL.mdfile and any supporting files in the skill directory (scripts/,references/,assets/) - Check whether the skill refers to documentation, specifications, or other content outside the skill directory; if it does, assess whether that material should be copied, summarized, or excerpted into local
references/files instead - Evaluate the skill against each criterion in the Review Checklist below
- Produce a structured review report with a summary, per-criterion findings, and a prioritized list of suggestions
- If the user asks you to apply the improvements, make the changes and validate the result with
stencila skills validate <skill-name>
Review Checklist
Frontmatter
- name: present, matches directory name, valid kebab-case (
^[a-z0-9]([a-z0-9-]{0,62}[a-z0-9])?$) - description: present, under 1,024 characters, specific (not vague), includes keywords that help agents match the skill to user requests
- Optional fields:
license,compatibility,allowed-tools,metadata— check for correctness if present (e.g., valid SPDX identifier,compatibilityunder 500 characters,allowed-toolsis space-delimited)
Tooling and allowed-tools
- Check that the skill includes only tools it genuinely needs
- Check that tool choices match the actions described in the steps and examples
- If the skill modifies existing files, check whether
apply_patchoredit_fileshould be allowed - If the skill creates files from scratch, check whether
write_fileshould be allowed - If the skill may need clarification, confirmation, or approval from the user while executing, check whether
ask_usershould be allowed
Use this table when reviewing tool coverage and fit:
| Tool | Review / checking focus | Should usually be present when |
|---|---|---|
read_file |
Check whether the skill needs to inspect existing files | The steps require reading repository or workspace content |
write_file |
Check whether the skill needs to create new files or replace whole files | The steps create files from scratch |
apply_patch, edit_file |
Check whether the skill needs to update existing files in place | The steps revise existing files; some models prefer one or the other |
grep |
Check whether the skill needs content search | The steps look for patterns, symbols, or references |
glob |
Check whether the skill needs file discovery | The steps locate files or directories by pattern |
web_fetch |
Check whether the skill needs to retrieve external web content into local files | The steps review or summarize web pages or external documentation |
shell |
Check whether the skill needs command execution | The steps run validation, formatting, tests, or other CLI checks |
ask_user |
Check whether the skill needs user clarification or approval | The workflow may pause for feedback before continuing |
Discovery and Delegation Metadata
- keywords: if present, check that keywords are relevant, not redundant with the description, and include likely user intent words, artifact types, and domain terms. Flag generic or overly broad keywords. If absent, recommend adding keywords to improve discoverability
- Coherence check: verify that
descriptionandkeywordswork together — they should be complementary, not redundant. Flag cases where the same text appears verbatim in multiple fields
Structure and Clarity
- Uses step-by-step numbered lists that are easy for a model to follow
- Steps are in a logical order with no missing or circular dependencies
- Language is imperative and unambiguous (e.g., "Read the file" not "You might want to read the file")
- No orphaned sections or dangling references to files that don't exist
Completeness
- Includes concrete input/output examples
- Covers edge cases and common pitfalls
- No placeholder content (
TODO,<placeholder>, or empty sections) - References to external files (
scripts/,references/,assets/) point to files that actually exist in the skill directory
Self-Containment and References
- The skill is self-contained and does not depend on reading files outside its own directory
SKILL.mddoes not send agents to repo documentation, specs, or other external files outside the skill directory for essential instructions- If outside material is needed, the skill includes a local summary, excerpt, or copy in
references/ - Reference files are focused and appropriately scoped rather than large catch-all documents
- Links and relative paths point only to files within the skill directory
Workflow Agnosticism
Skills must describe generic domain competence, not workflow orchestration. Check for these violations:
workflow_*tool references: The skill must not referenceworkflow_get_context,workflow_set_context,workflow_set_route, orworkflow_get_output. These are workflow tools — the workflow's stage prompts should call them, not the skill.- Context Keys or Route Labels tables: The skill must not define tables of workflow context keys or route labels. The workflow owns its data contract.
- Workflow node names: The skill must not reference specific workflow node names (e.g.,
RunTestsRed,CheckRemaining) or workflow files. - Generic inputs/outputs: The skill should declare what it needs in a "Required Inputs" table and what it produces in an "Outputs" table, using domain-appropriate names rather than context key names. After the inputs table, it should include a bridging sentence like: "When used standalone, these inputs come from the user or the agent's prompt. When used within a workflow, the workflow's stage prompt will specify how to obtain them."
- Standalone fallbacks: If the skill falls back to reading from a well-known location (e.g.,
.stencila/plans/) when an input is missing, check that this is framed as a standalone convenience, not as the primary contract. Look for language like "as a standalone convenience" or "in workflow use, the stage prompt should provide this explicitly." - Implicit mode switches: If the skill has multiple operational modes driven by the presence or absence of specific inputs (e.g., "selection mode" vs "completion-check mode"), consider whether these should be separate skills. A single skill doing two fundamentally different jobs is often a sign that workflow protocol has leaked into the skill layer.
Any workflow_* reference or context-key/route-label table in a skill is a ❌ Fail. Recommend moving the workflow-specific details into the workflow's stage prompts and restructuring the skill around generic inputs and outputs.
Size and Focus
- Body is under 500 lines / 5,000 tokens
- Skill has a single clear purpose — not trying to do too many things
- Detailed reference material is moved to
references/files rather than inlined - Individual reference files stay focused so agents can load only the context they need
Consistency
- Formatting is consistent (heading levels, list styles, code block languages)
- Terminology is used consistently throughout
- Conventions match other skills in the same workspace
Report Format
Structure the review as follows:
Summary
One to three sentences giving an overall assessment and the most important finding.
Findings
For each checklist area, report one of:
- ✅ Pass — criterion fully met
- ⚠️ Warning — minor issue or room for improvement
- ❌ Fail — significant problem that should be fixed
Include a brief explanation for warnings and failures.
Suggestions
A numbered list of specific, actionable improvements ordered by priority (most impactful first). Each suggestion should explain what to change and why.
Use heading level 3 (###) for each section in your output.
Examples
Input: "Review the skill-creation skill"
Process:
- Resolve to
.stencila/skills/skill-creation/SKILL.md - Read the file and check for supporting files in the directory (
scripts/,references/,assets/) - Check whether it relies on documentation outside the skill directory or whether any needed material has been localized into
references/ - Evaluate frontmatter:
nameisskill-creation, matches directory, valid kebab-case;descriptionis specific and under 1,024 characters - Evaluate structure, completeness, self-containment, size, and consistency against the checklist
- Run
stencila skills validate skill-creationto confirm the skill is valid - Produce the report below
Output (use ### headings in the report):
Summary
The skill-creation skill is well-structured with comprehensive coverage of naming rules, file format, and validation. Two minor improvements are possible.
Findings
Area Status Notes Frontmatter ✅ Pass Name and description are valid and specific Structure ✅ Pass Clear numbered steps in logical order Completeness ⚠️ Warning Template section serves as an example but a concrete before/after example would be clearer Size and Focus ✅ Pass Well within size limits, single purpose Consistency ✅ Pass Consistent formatting throughout Suggestions
- Add a concrete example showing a complete user request and the resulting
SKILL.mdfile, beyond the generic template- Consider adding an
allowed-toolsfield to pre-approvewrite_file,shell, andread_file
Edge Cases
- Skill not found: If the skill cannot be located, report the error clearly and suggest checking the name or path. List available skills if possible using
stencila skills listor by listing.stencila/skills/directories. - Multiple skills requested: Review each skill separately with its own report section. Ask the user to confirm if reviewing all skills is intended.
- Skill has no body content: Flag this as a failure — a skill with only frontmatter is incomplete.
- Supporting files are large: For files in
scripts/,references/, orassets/, check that they exist and are referenced fromSKILL.md, but do not reproduce their full content in the report. - Skill refers outside itself: Flag references to files or docs outside the skill directory as a self-containment issue. Recommend moving the necessary material into focused files under
references/and updating links to those local files. - User asks to fix issues: If the user asks you to apply suggestions, make the changes, then validate with
stencila skills validate <skill-name>before reporting completion.
Validation
When applying suggested improvements, validate the skill before reporting completion:
# By skill name
stencila skills validate <skill-name>
# By directory path
stencila skills validate .stencila/skills/<skill-name>
# By SKILL.md path
stencila skills validate .stencila/skills/<skill-name>/SKILL.md
Validation should pass before you report the changes as complete.
Limitations
- This skill reviews the structure and quality of a skill definition. It does not review the correctness or security of code in
scripts/files — only that they exist and are referenced fromSKILL.md. - The review does not execute the skill or test it against real inputs.
先判断是否适合
作者设计意图
作者的方法与取舍
边界和复核