单元测试工程师 单元测试覆盖
PassAudited by ClawScan on May 8, 2026.
Overview
This instruction-only unit testing skill is coherent and purpose-aligned, but users should expect local code edits, focused test commands, and disclosed collaboration/escalation behavior.
This skill appears safe to use for its stated purpose. Before installing, be comfortable with an agent editing unit tests or small implementation seams, running focused PHPUnit/Pest commands, and possibly escalating blockers to the named Weline technical lead. Review local project guidance files and generated diffs, and do not include secrets in test tasks or collaboration messages.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may change files in the working tree and execute project test code.
The skill can direct the agent to modify local code and run a local PHP test command. This is expected for a unit-test coverage skill and is scoped to focused validation.
Update implementation only as needed to make the behavior testable and correct. ... Run `php bin/w phpunit:run --module=...`
Use version control, review generated diffs, and confirm the focused test command before relying on the result.
Local project guidance may shape the agent's testing and collaboration behavior beyond this one reviewed file.
The skill references additional local project and shared-skill guidance that was not included in the artifact set. This is not suspicious by itself, but those files could affect how the agent behaves in a real workspace.
`AI-ENTRY.md`, `CLAUDE.md`, `dev/ai/skills/testing/SKILL.md` ... This specialist skill must follow `通用工程师-开发规范与代码质量`
Review the referenced local guidance files in your repository before using the skill in a sensitive codebase.
Task context or validation issues may be shared with a collaborator or agent designated as the Weline technical lead.
The skill discloses an escalation path to a named technical lead or agent, but the artifact does not define the notification channel, recipient identity, or data boundary.
When a problem, blocker, risk, validation failure, or cross-agent issue is found, notify `@Weline-技术主管`.
Clarify who or what receives this notification and avoid including secrets or sensitive data in escalation messages.