zeroclaw
本页为离线静态分析自动生成;分数为信号驱动启发式,请结合证据与人工复核使用。
项目概况
- 名称:
zeroclaw - 版本:
0.1.0 - Git HEAD:
1eadd88cf509 - 最近提交:
2026-02-15T09:03:42-05:00 - 许可证:
LICENSE - 语言: Rust(85), YAML(6), Markdown(5), TOML(2), Shell(1)
README 摘要
Zero overhead. Zero compromise. 100% Rust. 100% Agnostic. ⚡️ Runs on $10 hardware with
评分(0-10)
| 维度 | 分数 |
|---|---|
| 代码质量 | 4.5 |
| 可维护性 | 6.5 |
| 健壮性 | 6.5 |
| 可持续性 | 8.0 |
| 可迁移性 | 3.0 |
| 综合 | 5.7 |
工程信号
CI / 测试
- CI: 4 个 workflow
.github/workflows/ci.yml,.github/workflows/docker.yml,.github/workflows/release.yml,.github/workflows/security.yml
- CI 操作系统: linux
- Docker: 有
- 测试信号:
dir:tests/
代码质量工具
- 校验库: rust:serde
安全与治理
- 安全文档: 有
- 安全扫描: ci:cargo-audit:.github/workflows/security.yml
- 治理: file:CONTRIBUTING.md
架构与发布
- 插件/Provider 结构: dir:src/integrations/, dir:src/providers/
- 发布信号: ci-file:.github/workflows/release.yml, ci:publish:.github/workflows/release.yml, ci:release:.github/workflows/ci.yml, ci:release:.github/workflows/release.yml, rust:versioned-package
- 可观测性: rust:tracing
技术栈与依赖
- Rust: name=
zeroclawcargo_lock=True- deps:
anyhow,async-trait,axum,chacha20poly1305,chrono,clap,console,cron,dialoguer,directories,futures-util,hex,hmac,hostname,http-body-util,lettre…
- deps:
评分依据(信号 → 证据)
代码质量
- +2 CI: 4 workflow(s)
- +2.5 tests: 1 signal(s)
可维护性
- +1 README present
- +1 docs dirs: docs/
- +1 CHANGELOG present
- +1.5 governance: file:CONTRIBUTING.md
- +1 Cargo.lock present
- +1 CI present
健壮性
- +2 tests present
- +1 config signals: dir:docs/
- +1 security docs present
- +1 validation libs: rust:serde
- +0.5 retry/timeout libs (signals): rust:reqwest, rust:tokio
- +1 CI present
可持续性
- +1 license present
- +1 version: 0.1.0
- +1 CHANGELOG present
- +0.5 security docs present
- +0.5 alerting/observability (signals): rust:tracing
- +1 security scans: ci:cargo-audit:.github/workflows/security.yml
- +1 release signals: ci-file:.github/workflows/release.yml, ci:publish:.github/workflows/release.yml, ci:release:.github/workflows/ci.yml, ci:release:.github/workflows/release.yml, rust:versioned-package
- +2 recent commit (≤30d)
可迁移性
- +2 Docker present
- +1 plugin/provider structure (signals): dir:src/integrations/, dir:src/providers/
安全与风险信号(静态扫描)
高风险模式(需人工复核)
- 文档中的风险模式:1 条(
curl|bash等安装指引,通常为预期行为)
改进建议
- 在 CI 中启用 Rust 静态检查:
cargo fmt --check+cargo clippy -D warnings。