validate-logic | Skill Performance & Reviews | TopRankSkills

TopRank Skills

Home / Skills / tools / validate-logic

validate-logic

maintained by peijun1700

star 103 account_tree 11 verified_user MIT License
bolt View GitHub

name: validate-logic description: > L13-L17 類型和邏輯驗證 - 檢查類型一致性、邏輯完整性、錯誤處理、安全性、性能。 BlueMouse 17-Layer Validation Group 4(最深層檢查)。 Triggers: "logic", "security", "performance", "error handling", "安全檢查" allowed-tools:

  • Read
  • Bash
  • Grep
  • Glob user-invocable: true context: fork

Validate Logic Skill (L13-L17)

BlueMouse 17-Layer Validation System - Group 4: 類型和邏輯驗證(最深層檢查)

Two Ways to Use

1. AI-Guided Validation

Follow the checklist below to analyze code.

2. Script Execution

python3 .claude/skills/validate-logic/validator.py myfile.py
python3 .claude/skills/validate-logic/validator.py --verbose myfile.py

L13-L17 Validation Checklist

L13: 類型一致性檢查

What: All functions in the code have ≥70% type hint coverage

How:

funcs = [n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)]
total = len(funcs)
with_hints = sum(
    1 for f in funcs
    if f.returns or any(arg.annotation for arg in f.args.args)
)
coverage = int(with_hints / total * 100)
passed = coverage >= 70

Pass: "函數類型提示覆蓋率: {coverage}%" (≥70%) Fail: "函數類型提示覆蓋率: {coverage}%" (<70%)


L14: 邏輯完整性檢查 (Informational)

What: Code has control flow structures

How:

if_count = sum(1 for n in ast.walk(tree) if isinstance(n, ast.If))
for_count = sum(1 for n in ast.walk(tree) if isinstance(n, ast.For))
while_count = sum(1 for n in ast.walk(tree) if isinstance(n, ast.While))

has_branches = (if_count + for_count + while_count) > 0

Output:

  • Has control flow: "邏輯結構完整"
  • No control flow: "邏輯結構簡單"

Pass: Always (informational only)


L15: 錯誤處理檢查 ⚠️ ANTI-PATTERN DETECTION

What: No empty try-except blocks or pass-only handlers

How:

try_nodes = [node for node in ast.walk(tree) if isinstance(node, ast.Try)]

bad_handlers = 0
for node in try_nodes:
    for handler in node.handlers:
        # Empty handler
        if not handler.body:
            bad_handlers += 1
        # Only pass statement
        elif len(handler.body) == 1 and isinstance(handler.body[0], ast.Pass):
            bad_handlers += 1

Pass: Has try-except AND bad_handlers == 0"檢測到 N 個有效錯誤處理塊" Fail:

  • No try-except: "建議添加 try-except 錯誤處理塊"
  • Bad handlers: "發現 N 個空的或只有 pass 的錯誤處理塊 (Anti-pattern)"

Examples:

# ❌ FAIL: Empty handler
try:
    risky()
except:
    pass

# ❌ FAIL: Only pass
try:
    risky()
except Exception as e:
    pass

# ✅ PASS: Proper handling
try:
    risky()
except Exception as e:
    logger.error(f"Error: {e}")
    raise

L16: 安全性檢查 🔒 SECURITY SCAN

What: No dangerous functions or hardcoded secrets

Dangerous Functions

Function Risk Alternative
eval() Arbitrary code execution ast.literal_eval()
exec() Arbitrary code execution Avoid
compile() Code injection Avoid
__import__() Dynamic import risk Use regular import
pickle Deserialization attack json

Detection:

dangerous_funcs = ['eval', 'exec', 'compile', '__import__']

for node in ast.walk(tree):
    if isinstance(node, ast.Call):
        if isinstance(node.func, ast.Name):
            if node.func.id in dangerous_funcs:
                issues.append(f"使用了危險函數: {node.func.id}")

Hardcoded Secrets

Pattern Example
api_key = "..." api_key = "sk-123456789"
password = "..." password = "secret123"
secret = "..." secret = "mysecret"
token = "..." token = "eyJ..."
AWS keys aws_access_key_id = "AKIA..."

Detection:

secret_patterns = [
    r'api_key\s*=\s*[\'"][^\s\'\"]{10,}[\'"]',
    r'password\s*=\s*[\'"][^\s\'\"]{8,}[\'"]',
    r'secret\s*=\s*[\'"][^\s\'\"]{10,}[\'"]',
    r'token\s*=\s*[\'"][^\s\'\"]{10,}[\'"]',
    r'aws_access_key_id\s*=\s*[\'"]AKIA',
]

Pass: "未發現明顯安全問題" Fail: "發現 N 個潛在安全性問題" + list issues

Examples:

# ❌ FAIL: Dangerous function
result = eval(user_input)

# ❌ FAIL: Hardcoded secret
api_key = "sk-1234567890abcdef"

# ✅ PASS: Safe alternatives
import os
api_key = os.environ.get('API_KEY')
result = ast.literal_eval(safe_input)

L17: 性能檢查 ⚡ COMPLEXITY ANALYSIS

What: No deeply nested loops (≥3 levels)

How:

def get_loop_depth(node, current_depth=0):
    max_depth = current_depth
    for child in ast.iter_child_nodes(node):
        if isinstance(child, (ast.For, ast.While)):
            child_depth = get_loop_depth(child, current_depth + 1)
        else:
            child_depth = get_loop_depth(child, current_depth)
        max_depth = max(max_depth, child_depth)
    return max_depth

# Find max nesting depth
for node in ast.walk(tree):
    if isinstance(node, (ast.For, ast.While)):
        depth = get_loop_depth(node, 1)
        max_depth = max(max_depth, depth)

passed = max_depth < 3

Pass: "最高循環嵌套深度: {depth} (符合效能規範)" (depth < 3) Fail: "檢測到過深的循環嵌套 (Depth: {depth}),建議優化算法" (depth ≥ 3)

Examples:

# ✅ PASS: 2-level nesting (O(n²))
for i in range(n):
    for j in range(n):
        process(i, j)

# ❌ FAIL: 3-level nesting (O(n³))
for i in range(n):      # Level 1
    for j in range(n):  # Level 2
        for k in range(n):  # Level 3 - TOO DEEP!
            process(i, j, k)

Optimization Suggestions:

  • Use dictionary lookups instead of nested loops
  • Restructure algorithm
  • Use vectorized operations (numpy)

Output Format

==================================================
L13-L17: 類型和邏輯驗證
==================================================

Status: ✅ PASSED / ❌ FAILED
Score: X/100 (N/5 layers)

✅/❌ L13: 類型一致性檢查 - 函數類型提示覆蓋率: X%
✅ L14: 邏輯完整性檢查 - 邏輯結構完整/簡單
✅/❌ L15: 錯誤處理檢查 - [message]
✅/❌ L16: 安全性檢查 - [message]
✅/❌ L17: 性能檢查 - [message]

[Verbose mode shows detailed issues]

Related Skills

Skill Layers
/validate-17-layers L1-L17 (完整)
/validate-syntax L1-L4
/validate-signature L5-L8
/validate-dependencies L9-L12
/validate-logic L13-L17

Part of BlueMouse 17-Layer Validation System

chat Comments (0)

chat_bubble_outline

No comments yet. Be the first to share your thoughts!

Skill Details

GitHub Stars 103
GitHub Forks 11
Created Jan 2026
Last Updated 5个月前
tools tools debugging

Related Skills

fabric
chevron_right
typescript-expert
chevron_right
break-loop
chevron_right
burp-suite
chevron_right
page-behavior-audit
chevron_right

Build your own?

Join 12,000+ developers contributing to the Claude ecosystem.