Systematic quality check for code, skills, configs, and documents. Two modes — GLIC for internal quality (4 dimensions: Grammar / Logic / Integrity / Contain...
Security Analysis
high confidenceThis is a disclosed quality-review skill that reads user-selected targets and reports findings, with no evidence of hidden exfiltration, persistence, or automatic mutation.
The artifacts consistently describe a GLIC/UGLIC review workflow for code, skills, configs, and documents; the main behavior is reading scoped content, applying checklists, and producing cited findings.
Invocation language is broad for ordinary review requests, but the workflow requires intent matching, target inference or asking the user when no target is specified, and confirmation before fixing anything.
The package contains markdown references and one optional local grep helper; no install hooks, package-manager actions, network setup, or privilege changes are present.
The skill may read all in-scope files for a requested review and can optionally run a local shell helper, which is proportionate to its audit purpose and disclosed in the instructions.
No persistence, background workers, credential/session use, scheduled execution, privilege escalation, or automatic file mutation is shown; fixes are explicitly gated on user confirmation.
Guidance
Install it if you want structured code or skill reviews, but be aware that broad review phrases may invoke it; specify the exact files or diff you want checked, and review any proposed fixes before approving changes.
Latest Release
v1.0.1
v1.0.1 — Self-check + three-tier sample validation patches. Found 6 real gaps in v1.0.0 by running the tool on itself + three real skills (small/mid/large). All fixed in this patch. NEW SUB-CHECKS in dimensions.md: - U-Agent: SKILL.md length budget (WARN >500 lines, ERR >800) - U-Agent: progressive read hint for long SKILL.md - I-Skill: cross-section reference resolution (broken section numbers) - I-Skill: no build/runtime artifacts in source (sign.key, __skill_meta__.json, etc.) - I-Skill: frontmatter field discipline (only name + description) WORKFLOW IMPROVEMENT in SKILL.md: - Step 2 now distinguishes small vs large targets (structural scan first) - Severity escalation rule clarified: 3x WARN only within the same check NEW HELPER: - scripts/grep_antipatterns.sh — half-auto pre-scan (vague directives, SKILL.md length, frontmatter, artifacts, section refs) NEW EXAMPLE: - Example 5 in examples.md: large skill with 18 findings — sets honest expectation that complex skills produce more findings (3 ERR / 13 WARN / 2 INFO)
More by @songhonglei
Published by @songhonglei on ClawHub
