Computer Science student at Chongqing University
I build small, dependable tools for agent-era development, local automation, and repeatable releases.
Languages: English | 简体中文
I turn messy workflows into tools that are easy to run again: clear CLIs, practical backend services, release checklists, and documentation that helps the next person ship with less friction.
Right now I am focused on three things:
| Direction | What I am building |
|---|---|
| Agent safety | Scanners and guardrails for AI coding agents, MCP configs, and local automation repositories. |
| Backend practice | Java / Spring Boot services with clean project structure and delivery notes. |
| Personal systems | Local-first workflows for study, research, releases, backup, and writing. |
Newest:
agent-hardening-kit
· One-command AI Agent/MCP repository hardening scanner with SARIF, HTML reports, bilingual docs, and CI policy templates.
npx github:aolingge/agent-hardening-kit --path . --markdown
mcp-config-doctor
· Local-first MCP config diagnostics for Claude Desktop, Cursor, Codex, and agent-era developer workflows.
npx github:aolingge/mcp-config-doctor --config mcp.json
agents-md-doctor
· AGENTS.md readiness checks for AI coding agents.
npx github:aolingge/agents-md-doctor --path AGENTS.md
prompt-yaml-lint
· Prompt-as-code quality checks for .prompt.yml files.
npx github:aolingge/prompt-yaml-lint review.prompt.yml
AI Agent Mini Tools
| Tool | What it checks |
|---|---|
| agent-context-budget | Agent context size and useful repo instruction signals |
| agent-env-redactor | Secret-like values in agent reports and config snippets |
| mcp-readme-score | MCP README install, config, permissions, and security notes |
| skill-md-lint | AI agent SKILL.md trigger, input, output, and safety clarity |
| agentignore-check | .agentignore rules for private and noisy files |
| repo-context-pack | Compact repo context packs for coding agents |
| agent-ci-doctor | CI commands agents can run before finishing |
| mcp-tool-name-lint | Vague or risky MCP tool names |
| agent-runbook-check | Debug, verify, rollback, and report runbook coverage |
| prompt-eval-seed | Prompt eval seed inputs, expected behavior, edge cases, and safety |
| agent-pr-brief | Pull request briefs for safer AI code review |
| mcp-env-template-check | MCP .env.example completeness without real tokens |
| prompt-injection-smoke | Prompt-injection smoke checks for agent workflows |
| agent-permission-audit | File, shell, browser, network, and secret permission boundaries |
| readme-demo-link-check | README demo links, quick starts, screenshots, and mirrors |
| agent-log-triage | Actionable AI agent failure log signals |
| repo-release-proof | Release notes with changes, verification, versions, and mirrors |
| agent-task-scope | Task briefs with scope, acceptance criteria, constraints, and verification |
| mcp-manifest-lint | MCP manifest name, transport, target, and permissions |
| ai-changelog-guard | AI-assisted changelog verification and compatibility notes |
| agent-windows-path-doctor | Check AI-agent task files for Windows path, WSL path, quoting, and cross-platform command risks. |
| agent-shell-safety-check | Check agent runbooks for shell command scope, verification, and destructive-operation boundaries. |
| mcp-permission-matrix | Check MCP server docs for a clear tool, permission, data-scope, and risk matrix. |
| prompt-regression-report | Check prompt regression reports for input, expected output, actual output, diffs, and decisions. |
| repo-agent-health | Check whether a repository exposes the basic health signals an AI coding agent needs. |
| agent-tool-risk-score | Score file, shell, network, browser, and secret risks in AI-agent tool lists. |
| mcp-server-smoke-test | Check MCP server smoke-test docs for startup, tool listing, sample calls, and failure handling. |
| readme-install-replay | Check README install steps for copy-ready prerequisites, commands, and verification output. |
| ci-command-harvest | Check repo docs for test, build, lint, and verification commands agents can safely run. |
| agent-memory-audit | Check AI memory or rule files for trigger conditions, behavior, exceptions, and secret boundaries. |
| release-mirror-check | Check release records for GitHub, Gitee, tag, release, and verification evidence. |
| prompt-fixture-pack | Check prompt fixture packs for happy path, edge, failure, safety, and expected-output cases. |
| agent-context-diff | Check agent context diff notes for additions, removals, risks, verification, and scope. |
| repo-onboarding-check | Check whether new contributors can find install, run, test, contribute, and support paths. |
| ai-pr-risk-labeler | Check PR descriptions for enough evidence to label AI-assisted change risk. |
|
A beginner-friendly deployment toolkit for students and indie developers: Nginx configs, Spring Boot systemd scripts, frontend deployment, Docker Compose, VPS security, and troubleshooting docs.
|
A deployment-first open source portfolio template for students and independent developers, published with GitHub Pages and tuned for project proof over decoration.
|
|
A zero-dependency CLI that audits whether a README is ready for an open-source launch: quick start, visual anchor, multilingual entry, contribution path, security boundary, and first-success verification.
|
Read-only VPS deployment diagnostics for Nginx, systemd, ports, Docker, firewall, disk, memory, and logs. Built for student projects that fail at the final deployment step.
|
|
A 5-minute safety check for agent-era repositories. It catches MCP tokens in args, broad filesystem access, browser profile exposure, risky automation notes, and over-permissive GitHub Actions workflows. Repository · Landing page · npm · GitHub Action
|
A Java / Spring Boot backend for express locker logistics scenarios, focused on service structure, API design, and database-oriented delivery practice.
|
|
A Python toolkit for tracking hot topics across platforms, aggregating trend signals, and turning noisy feeds into readable AI-assisted summaries.
|
A local workflow for creating, packaging, documenting, and iterating public GitHub projects while keeping drafts, release kits, and private notes out of real repositories.
|
- Make the first run boring: short commands, clear defaults, and fewer hidden steps.
- Write docs as part of the product, not as a cleanup chore at the end.
- Keep local workflows safe around credentials, browser profiles, and agent permissions.
- Package releases so future maintenance is easier than the first launch.
Make it clean. Make it reusable. Make it easy to ship.
Chongqing City · Chongqing University · open-source notes, tools, and experiments