Maven POM Validator

v1.0.0

Validate and lint Maven pom.xml files for structure, dependencies, plugins, and best practices. Use when asked to lint, validate, check, or audit pom.xml fil...

⭐ 0· 89·0 current·0 all-time

by@charlie-morrison

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for charlie-morrison/maven-pom-validator.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Maven POM Validator" (charlie-morrison/maven-pom-validator) from ClawHub.
Skill page: https://clawhub.ai/charlie-morrison/maven-pom-validator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install maven-pom-validator

ClawHub CLI

Package manager switcher

npx clawhub@latest install maven-pom-validator

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description match what is present: the SKILL.md documents lint/validate/dependencies/plugins commands and the repository includes a Python script that performs those checks. No unrelated binaries, services, or credentials are requested.

✓

Instruction Scope

Runtime instructions tell the agent to run the included Python script against a specified pom.xml (e.g., python3 scripts/maven_pom_validator.py lint pom.xml). The script operates on local POM files, inspects XML structure and text, and emits findings; it does not reference external endpoints, other system config, or unrelated environment variables.

✓

Install Mechanism

No install spec is provided (instruction-only). The included script is pure-Python stdlib and does not download or install external code. This is low-risk and proportionate for the stated purpose.

✓

Credentials

No environment variables, credentials, or config paths are required. The checks operate on the POM contents and local filesystem paths mentioned in the POM (the script flags hardcoded paths in plugin configuration), which is expected for a linter.

✓

Persistence & Privilege

always is false and the skill does not request persistent privileges or modify other skill/system configurations. Autonomous invocation is allowed by the platform default but is not combined with broad credential access or other red flags.

Assessment

This skill appears to do what it says: it runs a local Python script to lint pom.xml files and does not request credentials or network access. Before installing or running it, you may want to: 1) inspect scripts/maven_pom_validator.py yourself (it's included) to confirm you are comfortable executing it; 2) run it on sample files in a sandbox or non-production environment; and 3) note that it will read any pom.xml you point it at and will flag hardcoded absolute paths found inside plugin configurations. There are no obvious incoherencies or unexpected external contacts in the provided files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97awggykq6tvwxw6ach4zp1gn84syd2

89downloads

0stars

1versions

Updated 2w ago

v1.0.0

MIT-0

Maven POM Validator

Validate and lint Maven pom.xml files for structural correctness, dependency hygiene, plugin configuration, and best practices.

Commands

lint — Full lint pass (all 20+ rules)

python3 scripts/maven_pom_validator.py lint pom.xml
python3 scripts/maven_pom_validator.py lint pom.xml --strict
python3 scripts/maven_pom_validator.py lint pom.xml --format json
python3 scripts/maven_pom_validator.py lint pom.xml --format markdown

dependencies — Audit dependency declarations

python3 scripts/maven_pom_validator.py dependencies pom.xml
python3 scripts/maven_pom_validator.py dependencies pom.xml --format json

plugins — Audit plugin declarations

python3 scripts/maven_pom_validator.py plugins pom.xml
python3 scripts/maven_pom_validator.py plugins pom.xml --format markdown

validate — Quick structural validation only

python3 scripts/maven_pom_validator.py validate pom.xml
python3 scripts/maven_pom_validator.py validate pom.xml --strict

Flags

Flag	Description
`--strict`	Exit code 1 on warnings (CI mode)
`--format text`	Human-readable output (default)
`--format json`	Machine-readable JSON
`--format markdown`	Markdown report

Lint Rules

Structure (5 rules)

Valid XML — file must be well-formed XML
Required elements — groupId, artifactId, version, modelVersion must be present
modelVersion must be "4.0.0"
groupId format — must follow reverse-domain convention (e.g. com.example)
packaging value must be valid (jar, war, pom, ear, rar, maven-plugin)

Dependencies (6 rules)

No duplicate dependencies (same groupId:artifactId)
No SNAPSHOT versions in release POMs
Version must be defined (not missing)
No wildcard/range versions (LATEST, RELEASE, [1.0,))
Scope must be valid (compile, test, provided, runtime, system, import)
system-scoped deps must have <systemPath>

Plugins (5 rules)

Plugin versions must be pinned
No duplicate plugins (same groupId:artifactId)
Plugin groupId should be specified
Known deprecated plugins flagged
Configuration elements checked for common issues

Best Practices (6 rules)

Properties used for version management (DRY check)
dependencyManagement used in parent POMs
UTF-8 encoding specified (project.build.sourceEncoding)
Java source/target version set (maven.compiler.source/target or release)
No hardcoded absolute paths in configuration
SCM section present

Exit Codes

Code	Meaning
0	No errors (warnings OK unless --strict)
1	Errors found (or warnings with --strict)
2	Script usage error

Comments

Loading comments...