dev-factoryAutomates software development by discovering ideas from GitHub, CVEs, and news, generating code with ChatDev 2.0 agents, testing, self-correcting, and publi...
Install via ClawdBot CLI:
clawdbot install rebugui/dev-factoryGrade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses system directories or attempts privilege escalation
/var/log/Calls external URL not in known-safe list
https://github.com/rebugui/OpenClaw.gitUses known external API (expected, informational)
api.search.brave.comAI Analysis
This skill has legitimate development automation functionality but presents medium security risk due to: 1) Execution of arbitrary code generation and deployment without user validation, 2) External API calls to unspecified endpoints (GLM, GitHub, Notion) requiring sensitive tokens, 3) Potential for privilege escalation through system directory access patterns. While aligned with stated purpose, the automated nature and external dependencies create attack surface.
Generated Mar 20, 2026
This scenario leverages the agent to automatically generate security tools like vulnerability scanners or file integrity monitors by analyzing CVE databases and security news. It's ideal for cybersecurity firms needing rapid prototyping of defensive utilities without manual coding overhead.
Here, the agent automates the development of DevOps utilities, such as configuration management scripts or monitoring tools, by sourcing ideas from GitHub Trending. It helps IT teams streamline operations by quickly generating reliable, tested code for infrastructure automation.
In this scenario, the agent discovers trending topics on GitHub and automatically creates fully functional open-source projects, complete with code, tests, and GitHub repositories. It's useful for developers or organizations looking to contribute to or initiate popular software trends efficiently.
This scenario uses the agent to generate educational tools or demos based on security news or trending code examples, providing hands-on learning materials. It supports training programs in tech education by producing interactive, up-to-date coding exercises automatically.
Startups can employ this agent to quickly prototype software ideas sourced from market trends, automating the development from concept to GitHub deployment. It accelerates product validation cycles by generating MVP code with built-in testing and self-correction features.
Offer the agent as a cloud-based service where users submit ideas via a web interface, and it automatically develops and deploys tools to their GitHub. Revenue comes from subscription tiers based on project volume and support levels, targeting small teams and indie developers.
Provide consulting services to integrate and customize the agent for specific client needs, such as tailored discovery sources or specialized output formats. Revenue is generated through project-based fees and ongoing maintenance contracts for enterprises in cybersecurity or DevOps.
Create a marketplace where tools generated by the agent are listed for sale or open-source collaboration, with revenue from commissions on sales or premium listings. This model monetizes the agent's output by connecting developers with ready-made utilities and fostering a community around automated code.
💬 Integration Tip
Ensure all API keys (GLM, GitHub, Notion) are securely configured in the .env file and test the ChatDev server connection before scheduling automated runs to avoid failures in the development pipeline.
Scored Apr 19, 2026
Audited Apr 17, 2026 · audit v1.0
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
Use the @steipete/oracle CLI to bundle a prompt plus the right files and get a second-model review (API or browser) for debugging, refactors, design checks, or cross-validation.
Use when starting any conversation - establishes how to find and use skills, requiring Skill tool invocation before ANY response including clarifying questions
Systematic code review patterns covering security, performance, maintainability, correctness, and testing — with severity levels, structured feedback guidance, review process, and anti-patterns to avoid. Use when reviewing PRs, establishing review standards, or improving review quality.
Coding style memory that adapts to your preferences, conventions, and patterns for consistent coding.
Provides a 7-step debugging protocol plus language-specific commands to systematically identify, verify, and fix software bugs across multiple environments.