skill-refiner
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for auditing skills, but it also tells the agent to make broad permanent changes to every skill it finds without clearly requiring your approval.
Use this skill cautiously. It appears useful for auditing, but ask for a report-only pass first and require explicit approval, backups, and diffs before allowing it to delete README files, move skills, or rename directories.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A simple audit request could lead to deleted documentation files or moved/renamed skill directories, potentially breaking skills or changing how the agent behaves later.
The skill instructs the agent to perform destructive and structural filesystem changes across skills, but does not require explicit user confirmation, backups, diffs, or rollback before doing so.
For each skill with issues, fix in this order: ... Extraneous files — Delete README.md, INSTALLATION_GUIDE.md, CHANGELOG.md, etc. ... move it to `~/.openclaw/workspace/skills/<skill-name>/` ... Rename directory
Use a read-only audit first. Require the agent to show a proposed diff and get explicit approval before deleting, moving, or renaming any files.
One mistaken rule or automated repair pass could affect many installed or draft skills at once.
The workflow is explicitly bulk-scoped. If its compliance assumptions are wrong or too aggressive, the resulting changes can propagate across many skills in one run.
Exhaustively searches the entire workspace (not just skills/) to find every SKILL.md ... Run this on every path returned by Step 1.
Limit the scan to a chosen directory or selected skills, and apply fixes incrementally with review between each change.
The skill will run local helper scripts to scan and audit files in the workspace.
The skill asks the agent to run bundled local shell and Python scripts. The provided script contents are straightforward and purpose-aligned, but users should know local code execution is part of the workflow.
bash scripts/find_skills.sh [workspace_dir] ... python3 scripts/audit_skill.py <skill-dir>
Run it only from a trusted installed copy, and prefer a read-only audit before allowing any manual repair actions.