Pragmatic coding standards for writing clean, maintainable code — naming, functions, structure, anti-patterns, and pre-edit safety checks. Use when writing new code, refactoring existing code, reviewing code quality, or establishing coding standards.
Security Analysis
high confidenceThis is an instruction‑only coding-standards skill (no code, no installs, no credentials requested) and its requirements and instructions are consistent with its stated purpose.
Name/description (clean code guidance, reviews, refactors) match the content: rules, examples, templates and refactoring catalogs. The skill does not request unrelated binaries, env vars, or system paths.
SKILL.md and platform templates provide prescriptive guidance for generating and modifying code. They instruct the agent to check imports, tests, and dependents before editing—behavior that is appropriate for a code-refactoring/review assistant and stays within the stated purpose. There are no instructions to read unrelated system files, access secrets, or send data to external endpoints.
The skill is instruction-only and the package manifest contains no install spec (lowest technical risk). The README includes example install commands (npx clawhub / npx add GitHub URL) which point to a GitHub location; because the registry metadata lists 'Source: unknown' you may want to verify the upstream repository before running those install commands. No archives, URLs for downloads, or extract/install actions are declared in the skill metadata itself.
The skill declares no required environment variables, credentials, or config paths. Templates and guidance do not reference secrets or unrelated environment variables.
always:false and the skill is user-invocable. It does not request permanent presence, nor does it modify other skills or system-wide agent settings. Autonomous invocation is allowed by platform default but is not combined with other red flags.
Guidance
This skill is an instruction-only style guide for writing and refactoring code — it contains rules, examples and templates but no executable code or credential requests in the package metadata. Before installing or following its automated install instructions: 1) Verify the upstream repository referenced in the README (the registry metadata lists source as unknown). 2) Review the rules to ensure they match your team's conventions (these are opinionated best practices). 3) If you allow an agent to apply these rules automatically, remember it will need access to your project files — only grant file/repo access to agents you trust. 4) If you plan to run the README's npx or copy commands, inspect the remote repository first so you know what code (if any) is being downloaded or executed.
Latest Release
v1.0.0
Major update: Comprehensive clean code standards, patterns, and anti-patterns guide. - Added core clean code principles (SRP, DRY, KISS, YAGNI, Boy Scout). - Detailed naming conventions with anti-patterns and practical examples. - Expanded function rules: guidelines on size, arguments, side effects, and guard clauses. - Introduced code structure patterns: composition, colocation, and extraction. - Provided anti-patterns table with actionable fixes. - Included a pre-edit safety checklist to prevent unintended breakage. - Full rewrite and significant expansion from prior versions.
More by @wpank
Published by @wpank on ClawHub
