- Home
- Skills
- Openharmonyinsight
- Openharmony Skills
- Dsoftbus Security
dsoftbus-security_skill
- Python
0
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openharmonyinsight/openharmony-skills --skill dsoftbus-security- SKILL.md14.7 KB
Overview
This skill is a dedicated code review assistant for OpenHarmony dsoftbus (distributed soft bus) C/C++ code. It performs a comprehensive, read-only security and logging规范 inspection covering 40+ rules across pointer safety, memory, locks, sensitive data, and more. It generates detailed, actionable reports and repair suggestions without modifying source files.
How this skill works
The tool scans specified files or repository paths and applies pattern checks and context-aware analyses against the rule set. It builds call graphs and control-flow graphs for cross-file dataflow and resource-tracking, then produces a prioritized findings report with example fixes. It only runs when the user input includes the trigger phrase "软总线安全卫士" and never changes source files.
When to use it
- Review dsoftbus component code in OpenHarmony (C/C++).
- Validate IPC, network, and multi-threaded communication code before merge.
- Audit code for logging and sensitive-data handling compliance.
- Investigate memory, file descriptor, and lock management issues across files.
- Perform a focused review on local modifications or the whole repository before release.
Best practices
- Invoke the skill with the exact trigger phrase "软总线安全卫士" and a path or let it inspect repository changes.
- Start with an incremental review of modified files, then expand to full-module checks for critical changes.
- Prioritize fixes marked as severe (null-deref, leak, sensitive-logging) before warnings.
- Use the provided repair examples directly in the report; apply changes via separate, reviewed commits.
- Combine pattern checks with context analysis to reduce false positives (follow cross-file traces).
Example use cases
- User asks: "软总线安全卫士 Please review D:\code\example.c" to get a focused file report.
- Run: "软总线安全卫士 check this directory" to audit a module and receive a timestamped report directory.
- Inspect local edits: the skill compares git status and can do incremental checks on changed files.
- Trace malloc/free pairs and locks across files to find mismatches and generate patch-style repair suggestions.
- Detect logging of secrets (keys, paths, device IDs) and provide anonymization or removal recommendations.
FAQ
No. It is strictly read-only. It only generates analysis and suggested fixes in the report; it does not alter files.
When is the skill triggered?
You must include the trigger phrase "软总线安全卫士" in your request for the skill to run.
What languages and code types are supported?
Focused on C and C++ system-level dsoftbus code, especially IPC, networking, and multithreaded paths.