E2E自动化工程师 路由与UI冒烟验证
PassAudited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill Name: e2e-route-ui-smoke Version: 1.1.0 The skill bundle defines a specialized role for an AI agent to perform route and UI smoke testing within a framework called 'Weline'. The instructions in SKILL.md focus on legitimate development tasks such as route registration via 'php bin/w setup:upgrade --route' and reachability checks using 'http:request'. No indicators of data exfiltration, malicious execution, or harmful prompt injection were found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may execute local validation commands against your app, which could produce requests or change local route/test state.
The skill directs the agent to run local application commands for route validation; this is central to the stated purpose but still gives the agent operational control over local test actions.
Run `php bin/w http:request ...` for direct route checks when appropriate.
Use this in a development or test environment, confirm the target route and command before running, and avoid pointing it at production unless that is explicitly intended.
Actual behavior may be influenced by project-local guidance not visible in this review.
The skill relies on local project documents and shared standards that were not part of the submitted artifact set, so their contents could not be reviewed here.
Source Material - `AI-ENTRY.md` - `CLAUDE.md` - `dev/ai/skills/testing/SKILL.md`
Before relying on the skill, check that the referenced local files and shared engineering standard are trusted and consistent with your expectations.
Validation failures or project context could be shared with another project role if the host agent supports that workflow.
The skill includes an instruction to communicate certain findings to a named project role or agent; this appears collaboration-oriented but the reviewed artifacts do not define that recipient or communication boundary.
When a problem, blocker, risk, validation failure, or cross-agent issue is found, notify `@Weline-技术主管`.
Ensure `@Weline-技术主管` is an expected internal recipient and avoid including secrets, credentials, or unnecessary sensitive details in such notifications.