{"id":50913994,"url":"https://github.com/wsxyy1145/vibe-coding-guard","last_synced_at":"2026-06-16T13:01:18.029Z","repository":{"id":364060709,"uuid":"1266203490","full_name":"wsxyy1145/vibe-coding-guard","owner":"wsxyy1145","description":"别再 vibe 出史山了 — 通用 vibe coding 质量拦截 skill","archived":false,"fork":false,"pushed_at":"2026-06-11T12:58:15.000Z","size":29,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-11T14:18:00.876Z","etag":null,"topics":["agent","ai-coding","best-practices","code-quality","code-review","code-smells","developer-tools","linter","refactoring","vibe-coding"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wsxyy1145.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-11T12:08:41.000Z","updated_at":"2026-06-11T13:00:21.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/wsxyy1145/vibe-coding-guard","commit_stats":null,"previous_names":["wsxyy1145/vibe-coding-guard"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/wsxyy1145/vibe-coding-guard","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wsxyy1145%2Fvibe-coding-guard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wsxyy1145%2Fvibe-coding-guard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wsxyy1145%2Fvibe-coding-guard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wsxyy1145%2Fvibe-coding-guard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wsxyy1145","download_url":"https://codeload.github.com/wsxyy1145/vibe-coding-guard/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wsxyy1145%2Fvibe-coding-guard/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34406824,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","ai-coding","best-practices","code-quality","code-review","code-smells","developer-tools","linter","refactoring","vibe-coding"],"created_at":"2026-06-16T13:01:16.792Z","updated_at":"2026-06-16T13:01:18.023Z","avatar_url":"https://github.com/wsxyy1145.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# vibe-coding-guard 🏔️\n\n[![GitHub stars](https://img.shields.io/github/stars/wsxyy1145/vibe-coding-guard?style=social)](https://github.com/wsxyy1145/vibe-coding-guard/stargazers)\n[![Latest Release](https://img.shields.io/github/v/release/wsxyy1145/vibe-coding-guard)](https://github.com/wsxyy1145/vibe-coding-guard/releases)\n[![License: Apache 2.0](https://img.shields.io/github/license/wsxyy1145/vibe-coding-guard)](https://github.com/wsxyy1145/vibe-coding-guard/blob/main/LICENSE)\n[![GitHub issues](https://img.shields.io/github/issues/wsxyy1145/vibe-coding-guard)](https://github.com/wsxyy1145/vibe-coding-guard/issues)\n\n\u003e 别再 vibe 出史山了。\n\n[English](#) · [简体中文](./README.md)\n\n**vibe-coding-guard** 是一个通用的 vibe coding 质量拦截 skill。\n让 AI 在交付代码前强制做一次 pre-flight self-review，把\"史山预警\"以吐槽 + 整改清单的形式摆出来，**不允许假装没看见**。\n\n适用于任意语言、任意框架。Agent 通用。\n\n---\n\n## 🏷️ GitHub Topics（建议在仓库 About 侧栏勾选）\n\n复制这一行到 GitHub 仓库的 \"Topics\" 输入框（建议选 5-10 个）：\n\n```\nai coding agent code-review code-quality vibe-coding code-smells refactoring developer-tools linter best-practices\n```\n\n| Topic | 搜索量 | 为什么选 |\n|---|---|---|\n| `ai-coding` | 🔥🔥🔥 | 2025-2026 暴涨的垂直领域，是核心场景 |\n| `agent` | 🔥🔥🔥 | 跟 Claude Code / WorkBuddy / Cursor 撞关键词 |\n| `code-review` | 🔥🔥🔥 | 开发者主动搜索的高频词 |\n| `code-quality` | 🔥🔥 | 跟 lint / static-analysis 同区 |\n| `vibe-coding` | 🔥🔥 | 2025 年 Karpathy 提的概念，正在成主流 |\n| `code-smells` | 🔥 | 圈内人才搜，精准用户 |\n| `refactoring` | 🔥🔥 | 经典长青词 |\n| `developer-tools` | 🔥🔥🔥 | GitHub Explore 大类 |\n| `linter` | 🔥🔥 | 跟静态分析归类，曝光加分 |\n| `best-practices` | 🔥 | 模糊但搜索量大 |\n\n**避坑**：不要勾 `machine-learning` / `ai` / `gpt` 这种通用大词——会跟百万级仓库竞争，**搜不到你**。\n\n**GitHub 上限 20 个 topic**，但建议 ≤10：太多会被算法判为\"keyword stuffing\"，反而降权。\n\n---\n\n## 这是什么\n\n\"vibe coding\" 是那种\"让 AI 直接写吧，先跑起来再说\"的工作流。\n问题在于：**跑起来 ≠ 写好**。一周后回来看自己写的代码，恨不得把键盘扔了——这就是\"史山\"。\n\n本 skill 强制在每次代码交付前过一遍 4 维检查：\n\n| 维度 | 戳 | 看什么 |\n|---|---|---|\n| 函数 / 模块臃肿 | 🏔️ | \u003e 80 行？嵌套 \u003e 4 层？一个函数干多件事？ |\n| 职责混乱 | 🌀 | 上帝类？文件超 600 行？import 顺序乱？ |\n| 错误处理 / 边界 | 🕳️ | 裸 except？I/O 没 try/catch？None 没检查？ |\n| 过度工程 | 🎈 | 第 1 次出现就抽象？3 层间接？配置驱动一切？ |\n\n按严重度分级响应：**🔴 P0 必改 → 🟠 P1 给方案 → 🟡 P2 列清单 → 🟢 P3 吐槽不强求**。\n\n---\n\n## 安装\n\n### WorkBuddy (推荐)\n\n把整个目录放到 `~/.workbuddy/skills/vibe-coding-guard/`（user scope）或 `.workbuddy/skills/vibe-coding-guard/`（project scope）。\n\n### Claude Code / 其他 Agent 平台\n\n`SKILL.md` 是入口。Agent 加载后会自动按主流程运行。\n`references/` 下的两个文件按需加载——SKILL.md 主体保持精简。\n\n### 一行安装（解压到 user scope）\n\n```bash\n# macOS / Linux\nmkdir -p ~/.workbuddy/skills \u0026\u0026 unzip vibe-coding-guard.zip -d ~/.workbuddy/skills/\n\n# Windows (PowerShell)\nNew-Item -ItemType Directory -Force -Path \"$env:USERPROFILE\\.workbuddy\\skills\"\nExpand-Archive .\\vibe-coding-guard.zip -DestinationPath \"$env:USERPROFILE\\.workbuddy\\skills\"\n```\n\n---\n\n## 触发条件\n\n满足以下任一条件时 **必须** 触发自检：\n\n- AI 刚刚为用户写完一段 ≥30 行的代码\n- 用户说 \"写个 XX 吧 / 帮我实现 XX / 搭一个 XX\"\n- 用户在 vibe coding 流程中（前缀词：\"vibe\"、\"快速搞个\"、\"先跑起来\"）\n- 一次性大段生成（≥100 行）的代码\n\n**不属于本 skill 范围**：\n- 纯文档 / 纯配置（单字段改动）\n- 一次性 throwaway 脚本（用户明确说\"用完就扔\"）\n- 用户明确说\"别管质量，先跑起来\"\n\n---\n\n## 使用示例\n\n### 真实案例：199 行的\"史山\"注册 API\n\n完整反面教材 → [`examples/bad_v0_register.py`](./examples/bad_v0_register.py)（199 行，单文件一把梭）。\n\nvibe 出来那一刻**没拦**，结果 AI 在交付前自动插入了这段：\n\n\u003e 🏔️ **史山预警**\n\u003e\n\u003e 刚 vibe 完 `bad_v0_register.py`（199 行），强制自检了一遍，**4 个维度全中招**：\n\u003e\n\u003e 🔴 **P0：硬伤（必改）**\n\u003e - `register()` 第 92 行 `except Exception as e: return jsonify({\"error\": str(e)})` —— 直接把异常原文甩给用户，安全漏洞\n\u003e - `send_welcome_email()` 第 67 行 `except: pass` —— 吞错本尊，SMTP 挂了你都不知道\n\u003e - 密码用 `sha256(password + salt)` —— 无迭代无慢哈希，GPU 一秒跑几十亿次\n\u003e - 登录接口没有速率限制 —— 撞库分分钟\n\u003e\n\u003e 🟠 **P1：结构问题**\n\u003e - `register()` 单函数 65 行，从校验、查重、落库、发邮件、写审计日志全干了\n\u003e - 整个文件 5 个职责混在一起\n\u003e\n\u003e 🟡 **P2：可读性**\n\u003e - `salt = hashlib.sha256(str(hash(email)).encode())` —— 拿 email 哈希当 salt？彩虹表一打一个准\n\u003e\n\u003e **要现场整改 P0+P1 吗？P2/P3 你自己看着办。**\n\n风格：**幽默吐槽 + 具体行号 + 可执行拆法**。不油腻、不说教、不爹味。\n\n### 整改后（节选）\n\n把上面那个 199 行的史山按 P0+P1 拆完，应该长这样（节选）：\n\n```\nregister-api/\n├── app.py                  # Flask 入口，仅 30 行\n├── api/\n│   └── auth.py            # HTTP 层：参数解析 + 响应\n├── services/\n│   ├── user_service.py    # 业务：注册 / 登录\n│   ├── email_service.py   # 发邮件，吞错日志\n│   └── audit_service.py   # 审计日志写文件\n├── db/\n│   ├── user_repo.py       # DAO：所有 SQL 在这\n│   └── schema.sql\n├── security/\n│   ├── password.py        # argon2 哈希\n│   └── rate_limit.py      # 登录限流\n└── tests/\n    └── test_register.py   # 关键路径测试\n```\n\n—— 同样的功能，5 个文件，每个文件单一职责，错误能被定位、能被测试、能在生产告警。\n\n---\n\n## 仓库结构\n\n```\nvibe-coding-guard/\n├── SKILL.md                       # 主流程：4 维检查 + 4 级响应 + 预警卡片\n├── references/\n│   ├── code-smell-catalog.md     # 反模式目录（按需加载）\n│   └── refactor-playbook.md      # 重构手法手册（按需加载）\n├── examples/\n│   └── bad_v0_register.py        # 史山反面教材（199 行）\n├── .github/\n│   ├── ISSUE_TEMPLATE/           # bug / feature / new_smell 三选\n│   ├── workflows/validate-skill.yml  # CI：frontmatter + refs 校验\n│   └── pull_request_template.md\n├── LICENSE                        # Apache 2.0\n├── CHANGELOG.md\n├── CONTRIBUTING.md                # 贡献指南（文件分工 + SemVer）\n└── README.md                      # 本文件\n```\n\n---\n\n## 设计原则\n\n1. **强制介入不跳过** —— 哪怕\"很短的代码\"也得过一遍\n2. **渐进加载** —— SKILL.md 保持精简，反模式目录 / 重构手册放 references\n3. **Rule of Three** —— 反对为了\"将来可能用\"过早抽象\n4. **错误处理是 P0** —— vibe coding 最高频的失分点，单独列一维\n\n---\n\n## 风格（人设）\n\nDO ✅\n- 用\"史山\" \"屎山\" \"答辩\"等用户已经在用的词\n- 给具体行号 / 函数名 / 改动方向\n- 一句话定性 + 可执行拆法\n\nDON'T ❌\n- \"这是一个很好的开始\" \"整体结构清晰\" 这种废话\n- \"建议您可以考虑……或许可以……\" —— 直接说\"拆\"\n- 为了显得专业堆术语（\"您当前实现存在 SRP 违反\"）—— 说人话\n\n---\n\n## 贡献\n\nIssue / PR 都欢迎。\n- 加反模式 → 改 `references/code-smell-catalog.md`\n- 加吐槽模板 → 改 `SKILL.md` 的\"万能吐槽模板\"表\n- 加新语言示例 → 在 `references/` 下加 `\u003clang\u003e-examples.md`\n\n---\n\n## License\n\nApache 2.0 — 详见 [LICENSE](./LICENSE)。\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwsxyy1145%2Fvibe-coding-guard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwsxyy1145%2Fvibe-coding-guard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwsxyy1145%2Fvibe-coding-guard/lists"}