ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

EVR Framework

v1.1.0

EVR Framework — Execute-Verify-Report. Force AI to actually DO, then VERIFY, then REPORT. Stop fake completions and silent failures. Use when user mentions '...

0· 92·0 current·0 all-time
byErwin@aptratcn

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for aptratcn/xiaobai-evr-framework.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "EVR Framework" (aptratcn/xiaobai-evr-framework) from ClawHub.
Skill page: https://clawhub.ai/aptratcn/xiaobai-evr-framework
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install xiaobai-evr-framework

ClawHub CLI

Package manager switcher

npx clawhub@latest install xiaobai-evr-framework
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Execute→Verify→Report) align with the SKILL.md: it explicitly tells agents to perform side-effecting actions and verify them. However the skill does not declare required binaries, tools, or credentials even though examples reference system tools (systemctl, git, gh, openclaw) and APIs — a mild mismatch in declared requirements versus the real capabilities it expects.
!
Instruction Scope
SKILL.md instructs the agent to run shell commands, write and read files (e.g., /app/config.json), create cron jobs, call message APIs, check systemd, run git pushes, and save verification evidence to memory/work rules. Those are broad, high-privilege operations and the guidance gives the agent wide discretion (arbitrary paths, arbitrary commands, retries, persistent logging). This scope can access sensitive files/credentials and could lead to unintended writes or exfiltration if not constrained.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written by an installer.
Credentials
The skill requires no declared env vars or credentials, but many example actions (API calls, git push, message sending, checking services) implicitly need credentials or access to system resources. The absence of declared env/credentials is not itself malicious, but it means the agent will use whatever credentials are available in its environment, which could be sensitive.
Persistence & Privilege
always:false and user-invocable:true — appropriate. The skill encourages saving verification evidence to memory and to a WORK_RULES.md, which is a form of persistence; this is expected but means verification outputs (which might include sensitive snippets) could be stored. The skill does not declare modifying other skills or system-wide configs, but it does instruct writing files and updating memory.
What to consider before installing
This SKILL.md is coherent with its stated purpose and acts like a policy for performing real actions and verifying them. But it explicitly tells agents to run shell commands, write/read files, interact with system services, and store verification evidence — operations that can touch secrets or sensitive files. Before installing or enabling: 1) ensure you trust the agent runtime and its access level (filesystem, network, credentials); 2) restrict or review which commands, paths, and APIs the agent is allowed to use; 3) decide whether verification evidence should be saved to persistent memory and sanitize any stored outputs; 4) consider adding explicit boundaries (allowed paths, disallowed commands, required confirmations) so the agent cannot perform high-privilege changes without explicit user approval.

Like a lobster shell, security has layers — review code before you run it.

evrvk971d4z9d0ed2ra006pqryezvs858x3clatestvk971d4z9d0ed2ra006pqryezvs858x3creliabilityvk971d4z9d0ed2ra006pqryezvs858x3cverificationvk971d4z9d0ed2ra006pqryezvs858x3c
92downloads
0stars
1versions
Updated 1w ago
v1.1.0
MIT-0
Erwin@aptratcn
evrlatestreliabilityverification
Download

EVR Framework ✅

Execute → Verify → Report. No more fake completions.

Trigger Phrases

This skill activates when:

  • User asks "did you actually do X?"
  • Agent says "done" or "finished" or "created"
  • User mentions "verify", "check if it worked", "are you sure"
  • Multi-step task is being completed
  • Agent claims to have created/modified/deleted something
  • User is skeptical about completion claims

The Problem

❌ What happens without EVR:
User: "Create a cron job"
Agent: "Done! ✅"
[No cron job exists]
User: [Finds out later nothing was done]

✅ What happens with EVR:
User: "Create a cron job"
Agent: [Creates cron job]
Agent: [Runs verification command]
Agent: "Verified: cron job 'morning-reminder' exists, next run at 08:00 tomorrow. Evidence: cron list output attached."

EVR Protocol

Step 1: EXECUTE

Perform the action for real, not just describe it.

Examples:
- "Create file" → Actually write to filesystem
- "Send message" → Actually call message API
- "Run command" → Actually execute in shell
- "Create cron" → Actually register with scheduler

Step 2: VERIFY

Check the result independently, don't just trust the action.

Verification Commands by Task Type:

| Task Type | Verification Command |
|-----------|---------------------|
| Create file | `ls -la /path/to/file` |
| Edit file | `grep "change" /path/to/file` |
| Create cron | `openclaw cron list` |
| Send message | Check for message ID in response |
| Install package | `which package-name` |
| Start service | `systemctl status service` |
| Git push | `git log --oneline -1` |
| Create repo | `gh repo view repo-name` |

Step 3: REPORT

State completion with evidence, not just "done".

Report Format:
"[Action] completed. Verified: [what you checked]. Evidence: [output/result]."

Examples:
✅ "Cron job created. Verified: 'morning-reminder' appears in cron list. Next run: 08:00 tomorrow."
✅ "File written. Verified: /tmp/test.txt exists with 42 bytes. Content preview: 'Hello World...'"
✅ "Message sent. Verified: message ID ROBOT1.0_xxx received. Delivery confirmed."

Before/After Examples

Example 1: Creating a Cron Job

Without EVR:

User: Create a daily reminder at 8am
Agent: Done! I've created your daily reminder at 8am.
[Nothing was actually created]

With EVR:

User: Create a daily reminder at 8am
Agent: [Executes: openclaw cron add --name "daily-reminder" --cron "0 8 * * *"]
Agent: [Verifies: openclaw cron list --json]
Agent: Daily reminder created and verified.
       Job ID: abc123
       Schedule: 0 8 * * * (daily at 08:00)
       Status: enabled
       Next run: tomorrow 08:00

Example 2: Writing a File

Without EVR:

User: Create a config file
Agent: I've created the config file for you.
[File doesn't exist]

With EVR:

User: Create a config file
Agent: [Executes: write to /app/config.json]
Agent: [Verifies: cat /app/config.json]
Agent: Config file created and verified.
       Path: /app/config.json
       Size: 256 bytes
       Content: {"name": "myapp", "version": "1.0.0", ...}

Example 3: Sending a Message

Without EVR:

User: Send this to John
Agent: Message sent to John!
[Message never sent]

With EVR:

User: Send this to John
Agent: [Executes: message API call]
Agent: [Verifies: check response for message_id]
Agent: Message sent and verified.
       Recipient: John (user_id: xxx)
       Message ID: ROBOT1.0_xxx
       Timestamp: 2026-04-21 08:00:00
       Status: delivered

Integration with Other Skills

With Memory Guard

After completing important tasks:

  1. Execute task
  2. Verify completion
  3. Save to memory with evidence
  4. Report to user

With Error Recovery

If verification fails:

  1. Log the error
  2. Attempt retry (up to 3 times)
  3. If still failing, report to user with details
  4. Don't claim completion until verified

With Self-Improve

When EVR catches a fake completion:

  1. Log as mistake type: "fake_completion"
  2. Add to WORK_RULES.md: "Must verify before claiming done"
  3. Never repeat this mistake

Verification Checklist

Before saying "done", ask yourself:

  • Did I actually execute the action?
  • Did I run a verification command?
  • Does the verification output confirm success?
  • Am I reporting with evidence, not just assertion?

Anti-Patterns

PatternWhy It's WrongFix
"I've created X"No verificationRun command to check X exists
"Done ✅"No evidenceAttach verification output
"Should be working"UncertaintyVerify it's working
"Successfully completed"Self-assertionShow external confirmation

License

MIT

Comments

Loading comments...