Execution Verifier
v1.1.0
Enforce real progress for long-running tasks by separating execution from reporting. Use when users complain that the agent is "saying it's working" without...
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (verify real progress via file/commit checks) matches the included scripts' behavior. However the skill implicitly expects external CLIs (git, and the example uses an openclaw CLI) but the metadata declares no required binaries; that's an omission and a documentation mismatch.
Instruction Scope
The verifier reads the OPEN_TASKS file and extracts backtick-marked paths, then stats those files (mtime/size) and runs git to check commits — scope-appropriate. But the closed-loop uses an execute-cmd string run via subprocess with shell=True, meaning the skill can execute arbitrary system commands when it detects 'no progress'. Also backtick paths can point to absolute system files, causing the verifier to report metadata about arbitrary files. Both behaviors broaden scope beyond pure verification and can have surprising effects.
Install Mechanism
Instruction-only with no install spec — nothing is downloaded or written during install, which minimizes install-time risk.
Credentials
No environment variables or credentials are requested (good). But the skill uses git and expects an 'openclaw' executor in examples; those CLIs and any credentials they rely on are not declared. The closed-loop can invoke executors that may access secrets or network resources, so the lack of declared dependencies understates the required runtime privileges.
Persistence & Privilege
always is false (good). The skill can be invoked autonomously (platform default). The real risk is enabling closed-loop auto-execution: the verify_execute_verify script will trigger arbitrary execute-cmd commands automatically when progress is not detected, increasing operational privilege if used without restrictions.
What to consider before installing
This skill appears to implement what it claims (detecting file/commit progress), but take precautions before using it:
1) Inspect and control any execute-cmd you pass to the closed-loop script — it will be executed via the shell and can run arbitrary commands. Avoid using closed-loop auto-execute until you trust the executor command.
2) Ensure git and any executor CLI (example: openclaw) are available and understood — add them to documentation/requirements.
3) Review OPEN_TASKS content to ensure backtick paths don't reference sensitive system files (the verifier will report file metadata for any referenced paths).
4) Prefer running the verifier in an isolated environment or with least privilege, and consider modifying the scripts to avoid shell=True or to sanitize/whitelist allowed executor commands.
If the author confirms the missing declared dependencies (git/openclaw) and that execute-cmd will be restricted to safe, audited commands, the concerns become much smaller.
Like a lobster shell, security has layers — review code before you run it.
latest
Execution Verifier
Use this skill to prevent fake progress.
Core policy
- Treat "no artifact change" as "no progress".
- Report only hard evidence: file changes, line deltas, commits, test outputs.
- If no evidence is detected in the time window, report blocker + immediate next action.
Minimal operating loop (30 min)
- Execute one concrete next action from OPEN_TASKS.
- Write artifacts (target files must change).
- Verify with scripts/verify_progress.py.
- Report in strict 3-line format.
Strict report format
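- 已完成: <file path + concrete change>
- 进行中: <current actionable step>
- 下一步+ETA: <next step + time>
If verification fails, replace line 1 with: 本轮无新增(原因:<blocker>).
(The labels in English: Completed; In progress; Next step + ETA. The failure line reads: Nothing new this round (reason: <blocker>).)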
Verifier command
python3 skills/execution-verifier/scripts/verify_progress.py \
--project-dir projects/ai-human-co-production \
--status projects/ai-human-co-production/STATUS.md \
--open-tasks projects/ai-human-co-production/OPEN_TASKS.md \
--window-min 30
Closed-loop mode (verify → auto-execute → re-verify)
Use built-in script:
python3 skills/execution-verifier/scripts/verify_execute_verify.py \
--verify-cmd "python3 skills/execution-verifier/scripts/verify_progress.py --project-dir projects/ai-human-co-production --status projects/ai-human-co-production/STATUS.md --open-tasks projects/ai-human-co-production/OPEN_TASKS.md --window-min 30" \
--execute-cmd "openclaw cron run fc567f18-83fa-426c-8181-71a10f4568b3 --force"
Behavior:
- Step A: verify current progress
- Step B: if no progress, auto-trigger executor
- Step C: verify again
- Output JSON includes before, triggered_execute, after
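The scan above flags two behaviours of the closed loop: execute-cmd is run with shell=True, and backtick paths in OPEN_TASKS may point outside the project. The following is an added example, not the skill's own scripts, of the same verify → execute → re-verify loop with both restricted. The function names, the allowlist contents and the convention that the verifier exits 0 on progress are assumptions.

```python
import re
import shlex
import subprocess
from pathlib import Path

# Assumption: only these executables may be started by the closed loop.
ALLOWED_EXECUTABLES = {"python3", "git", "openclaw"}


def parse_allowed(cmd, allowed=ALLOWED_EXECUTABLES):
    """Split a command string into argv and reject executables off the allowlist."""
    argv = shlex.split(cmd)
    if not argv or argv[0] not in allowed:
        raise ValueError(f"executable not allowed: {argv[:1]}")
    return argv


def confined_paths(open_tasks_text, project_dir):
    """Return backtick-marked paths that resolve inside project_dir; drop the rest."""
    root = Path(project_dir).resolve()
    kept = []
    for raw in re.findall(r"`([^`\n]+)`", open_tasks_text):
        candidate = (root / raw).resolve()  # an absolute raw path replaces root here
        if candidate == root or root in candidate.parents:
            kept.append(candidate)
    return kept


def closed_loop(verify_cmd, execute_cmd, allowed=ALLOWED_EXECUTABLES):
    """Verify, run the executor only if verification failed, then verify again."""
    verify_argv = parse_allowed(verify_cmd, allowed)
    execute_argv = parse_allowed(execute_cmd, allowed)  # validated before anything runs

    def verified():
        # Assumption: the verifier exits 0 when it found progress.
        return subprocess.run(verify_argv, shell=False, timeout=300).returncode == 0

    result = {"before": verified(), "triggered_execute": False, "after": None}
    if not result["before"]:
        subprocess.run(execute_argv, shell=False, timeout=1800)
        result["triggered_execute"] = True
    result["after"] = verified()
    return result
```

Because the command is passed as an argv list, shell metacharacters in execute-cmd reach the executor as literal arguments instead of being interpreted.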
Cron pattern (recommended)
Use two jobs:
- Executor job (isolated agentTurn, every 30m): do real work + write files.
- Verifier job (main systemEvent, every 30m offset +5m): run closed-loop script above.
Never run report-only cron without verifier.
