Who Is Actor
This skill should be used when the user wants to analyze a Git repository and profile each developer's commit habits, work habits, development efficiency, code style, code quality, and engagement index — all without installing any extra packages or running any custom scripts. It relies purely on native git CLI commands (and standard Unix text-processing utilities already present on the host) and AI-driven interpretation. Trigger phrases include "analyze repository" "profile developers" "commit habits" "developer report card" "代码分析" "研发效率" "开发者画像" "提交习惯" "工作习惯" "参与度".
安装 / 下载方式
TotalClaw CLI推荐
totalclaw install skilldb:wscats~who-is-actorcURL直接下载,无需登录
curl -fsSL https://skills.taituai.com/api/skills/skilldb%3Awscats~who-is-actor/file -o who-is-actor.mdGit 仓库获取源码
git clone https://github.com/openclaw/skills/commit/e3d57b2d008573ae0379e2a3edd4e3032da6eace# Who Is Actor — Git Repository Developer Profiling Skill
> 🔗 **Project Repository:** [https://github.com/wscats/who-is-actor](https://github.com/wscats/who-is-actor)
Zero *install* dependencies, zero scripts. Collects data purely through native `git` commands and standard Unix text utilities (`cut`, `sort`, `awk`, `grep`, etc. — already present on most systems), interpreted by AI, to generate a serious, direct, and unsparing report card for every developer.
> **"Zero dependency" clarification:** This skill installs nothing — no pip packages, no npm modules, no custom scripts. However, it **does require** the following standard system binaries to be available on the host: `git`, `cut`, `sort`, `uniq`, `awk`, `grep`, `sed`, `wc`, `head`. These are pre-installed on virtually all Unix-like systems (macOS, Linux). On Windows, use Git Bash or WSL.
---
## 💬 Natural Language (Recommended)
You don't need to memorize any commands or parameters — simply describe what you need in any language:
### English
```
💬 "Analyze the repository at /path/to/my-project"
💬 "Profile all developers in this repo"
💬 "Who are the most active contributors in /path/to/my-project?"
💬 "Compare commit habits of Alice and Bob"
💬 "Show me the code quality report for this project since 2024-01-01"
💬 "What does each developer's work pattern look like on branch main?"
💬 "Give me an honest review of every contributor's strengths and weaknesses"
💬 "Is there a bus-factor risk in /path/to/my-project?"
```
### 中文
```
💬 "分析一下 /path/to/my-project 这个仓库"
💬 "帮我看看这个项目里每个开发者的提交习惯"
💬 "对比一下 Alice 和 Bob 的研发效率"
💬 "生成这个仓库的开发者画像报告"
💬 "这个项目的代码质量怎么样?"
💬 "从 2024 年 1 月开始,分析 main 分支的提交记录"
💬 "团队里谁的代码风格最好?谁需要改进?"
💬 "看看这个仓库有没有巴士因子风险"
```
### 日本語
```
💬 "このリポジトリの開発者を分析してください /path/to/my-project"
💬 "各開発者のコミット習慣を比較してください"
💬 "このプロジェクトのコード品質レポートを作成してください"
💬 "チームの開発効率を評価してください"
```
### 한국어
```
💬 "이 저장소의 개발자 프로필을 분석해 주세요 /path/to/my-project"
💬 "각 개발자의 커밋 습관을 비교해 주세요"
💬 "이 프로젝트의 코드 품질 보고서를 만들어 주세요"
💬 "팀의 개발 효율성을 평가해 주세요"
```
### Español
```
💬 "Analiza el repositorio en /path/to/my-project"
💬 "Compara los hábitos de commit de todos los desarrolladores"
💬 "Dame un informe de calidad del código de este proyecto"
💬 "¿Quién es el desarrollador más activo del equipo?"
```
### Français
```
💬 "Analyse le dépôt situé à /path/to/my-project"
💬 "Compare les habitudes de commit de chaque développeur"
💬 "Génère un rapport de qualité du code pour ce projet"
💬 "Qui est le contributeur le plus actif de l'équipe ?"
```
### Deutsch
```
💬 "Analysiere das Repository unter /path/to/my-project"
💬 "Vergleiche die Commit-Gewohnheiten aller Entwickler"
💬 "Erstelle einen Code-Qualitätsbericht für dieses Projekt"
💬 "Wer ist der aktivste Entwickler im Team?"
```
---
## ⚙️ Parameters
| Parameter | Description | Required | Default |
|-----------|-------------|----------|---------|
| `repo_path` | Absolute path to the target Git repository | ✅ Yes | — |
| `authors` | Comma-separated display names (emails NOT accepted) | No | All contributors |
| `since` | Start date in ISO format (`YYYY-MM-DD`) | No | Full history |
| `until` | End date in ISO format (`YYYY-MM-DD`) | No | Full history |
| `branch` | Target branch to analyze | No | Active branch |
**What you get:** A structured Markdown report with a summary table, per-developer profiles (six-dimension radar scores, strengths/weaknesses, improvement suggestions), team comparison, and bus-factor risk alerts.
---
## Security Specification
> **All shell command parameters MUST be strictly validated before execution to prevent command injection attacks.**
### Dry-Run Mode (Recommended for First Use)
Before executing any commands, the agent SHOULD offer a **dry-run mode** that:
1. Collects and validates all parameters per the rules below
2. Constructs the full list of shell commands that *would* be executed
3. **Prints every command to the user for review WITHOUT executing any of them**
4. Waits for explicit user approval before proceeding to actual execution
To trigger dry-run mode, the user can say:
```
💬 "Show me the commands first before running them"
💬 "Do a dry run on /path/to/repo"
💬 "先列出要执行的命令,不要运行"
```
> This allows the user to verify that every command strictly matches the whitelist below.
### Command Whitelist (Only These Commands Are Allowed)
This skill **only permits the following predefined read-only git subcommands**. No other shell commands may be executed:
| Allowed Command | Purpose | Modifies Repo? |
|----------------|---------|----------------|
| `git -C <path> rev-parse --is-inside-work-tree` | Verify the path is a valid Git repository | ❌ Read-only |
| `git -C <path> shortlog -sn --all` | Get contributor list and commit counts | ❌ Read-only |
| `git -C <path> log ...` | Get commit history details | ❌ Read-only |
| `git -C <path> diff --stat ...` | Get change statistics | ❌ Read-only |
**Strictly Prohibited Command Types:**
- ❌ Any write operations: `git push`, `git commit`, `git merge`, `git rebase`, `git reset`, `git checkout`, `git branch -d`
- ❌ Any non-git commands: `curl`, `wget`, `python`, `node`, `bash -c`, `sh`, `eval`, `rm`, `cp`, `mv`
- ❌ Any file writes or redirections: `>`, `>>`, `tee` (pipe `|` is only allowed to connect read-only text-processing tools: `cut`, `sort`, `uniq`, `awk`, `grep`, `wc`, `sed`, `head`)
- ❌ Any network operations: `git fetch`, `git pull`, `git clone`, `git remote`
> **If the AI agent attempts to execute a command outside the whitelist, the user should immediately reject execution.**
### Input Validation Rules (Must Be Completed Before Any Git Command)
1. **`repo_path` (Repository Path) Validation:**
- Must be an absolute path (starting with `/`)
- Must NOT contain any of these dangerous characters or substrings: `;`, `|`, `&`, `$`, `` ` ``, `(`, `)`, `>`, `<`, `
`, `\r`, `$()`, `..`
- Path must be a real, existing Git repository (verified via `git -C <path> rev-parse --is-inside-work-tree` returning `true`)
- If validation fails, **immediately abort and report the error to the user — no subsequent commands may be executed**
2. **`author` (Author Name) Validation:**
- Only allowed characters: letters (a-z A-Z), digits (0-9), spaces, hyphens (`-`), underscores (`_`), dots (`.`)
- **The `@` symbol is NOT allowed** (email format is prohibited to align with privacy protection rules)
- Regex whitelist: `^[a-zA-Z0-9 _.-]+$`
- Maximum length: 128 characters
- If input contains `@`, prompt the user to use the author's display name instead, then skip that author
3. **`since` / `until` (Date Parameters) Validation:**
- Must match ISO date format: `^[0-9]{4}-[0-9]{2}-[0-9]{2}$`
- If validation fails, ignore the parameter and warn the user
4. **`branch` (Branch Name) Validation:**
- Only allowed characters: letters, digits, `/`, `-`, `_`, `.`
- Regex whitelist: `^[a-zA-Z0-9/_.-]+$`
- Must NOT contain the `..` substring
- If validation fails, use the default branch and warn the user
### Privacy Protection Rules
- **Developer email addresses are NOT collected.** All git commands use only `%an` (author name) to identify developers, never `%ae` (author email).
- **`git shortlog` uses `-sn` instead of `-sne`** to avoid leaking email addresses.
- **The `authors` parameter only accepts display names, NOT email addresses.** Input validation rejects values containing `@`.
- Note: The `git --author` parameter matches against both name and email fields. Since this skill prohibits email-format values, `--author` will only match via the name portion and will not utilize the email field.
- The final report MUST NOT contain any email addresses.
### Sensitive Data Filtering Rules (Mandatory)
Before sending **any** data to the AI model for analysis, the agent MUST apply the following filtering:
1. **Commit messages are processed locally for statistics only:**
- The agent collects commit message **lengths** (character counts) and **keyword matche