tinyclaw
本页为离线静态分析自动生成;分数为信号驱动启发式,请结合证据与人工复核使用。
项目概况
- 名称:
tinyclaw - 版本:
0.0.6 - Git HEAD:
8d3803011ed7 - 最近提交:
2026-02-23T22:48:12+08:00 - 许可证:
LICENSE - 语言: TypeScript(51), Markdown(30), Shell(19), JSON(9), Python(1), YAML(1)
README 摘要
Multi-agent, Multi-team, Multi-channel, 24/7 AI assistant Run multiple teams of AI agents that collaborate with each other simultaneously with isolated workspaces.
评分(0-10)
| 维度 | 分数 |
|---|---|
| 代码质量 | 2.5 |
| 可维护性 | 5.5 |
| 健壮性 | 1.0 |
| 可持续性 | 6.0 |
| 可迁移性 | 0.0 |
| 综合 | 3.0 |
工程信号
CI / 测试
- CI: 1 个 workflow
.github/workflows/release.yml
- CI 操作系统: linux
代码质量工具
- 类型检查: file:tsconfig.json
安全与治理
- 治理: file:.github/PULL_REQUEST_TEMPLATE.md, file:CONTRIBUTING.md
架构与发布
- 发布信号: ci-file:.github/workflows/release.yml, ci:release:.github/workflows/release.yml
技术栈与依赖
- Node: name=
tinyclawtype=Nonelockfile=package-lock.json- deps:
@hono/node-server,@types/better-sqlite3,@types/node,@types/node-telegram-bot-api,@types/qrcode-terminal,@types/react,better-sqlite3,discord.js,dotenv,hono,ink,ink-gradient,ink-spinner,jsonrepair,node-telegram-bot-api,qrcode-terminal…
- deps:
评分依据(信号 → 证据)
代码质量
- +2 CI: 1 workflow(s)
- +1.5 typecheck: file:tsconfig.json
- -1 risky code patterns present (review needed)
可维护性
- +1 README present
- +1 docs dirs: docs/
- +1.5 governance: file:.github/PULL_REQUEST_TEMPLATE.md, file:CONTRIBUTING.md
- +1 lockfile: package-lock.json
- +1 CI present
健壮性
- +1 config signals: dir:docs/
- +1 CI present
- -1 risky code patterns present (review needed)
可持续性
- +1 license present
- +1 version: 0.0.6
- +1 release signals: ci-file:.github/workflows/release.yml, ci:release:.github/workflows/release.yml
- +1 tags: 6 tag(s)
- +2 recent commit (≤30d)
可迁移性
- (无信号)
安全与风险信号(静态扫描)
高风险模式(需人工复核)
curl|bash (code)atscripts/remote-install.sh:3- 文档中的风险模式:6 条(
curl|bash等安装指引,通常为预期行为)
改进建议
- 补齐最小测试集:smoke + 关键失败路径,并在 CI 中运行。
- 在 CI 增加安全扫描(依赖审计/secret 扫描/静态分析等)并设为质量闸门。
- 审计高风险执行路径(
eval/exec/shell=True/curl|bash等):最小权限、输入验证、隔离执行。