ClawHub

Workflow Guardian

v1.0.0

Defines, enforces, and tracks structured workflows for any task type. Manages do/don't rules, execution sequences, hard gates, soft advisories, checkpoints,...

2· 42·0 current·0 all-time
by@cyber-bye
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (workflow enforcement, gates, checkpoints, violation logging) matches the content of SKILL.md and the included docs. No unrelated environment variables, binaries, or external services are requested.
Instruction Scope
All runtime instructions operate on a clearly defined local folder layout (workflows/, rules/, checkpoints/, violations/, memory/, SOUL.md, logs). The skill directs the agent to read/write those files and to run hooks before/after steps. This is expected for a workflow enforcer, but note the skill prescribes global rules that 'cannot be overridden by owner instruction' and enforces gate behavior strictly — this is a behavioral policy choice that may surprise operators.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute. No downloads, package installs, or binaries are required, minimizing install-time risk.
Credentials
The skill requests no environment variables, credentials, or config paths outside its own document tree. All state is local (files and memory/schema.json). No secret exfiltration vectors are requested in the manifest or instructions.
Persistence & Privilege
The skill writes persistent state (SOUL.md, memory/index.json, WORKFLOW_LOG.md, run logs, violations). It does not set always:true and does not request system-wide config changes, but it does expect to maintain persistent 'soul' context and runtime state — ensure you are comfortable with the agent writing and updating these files in the workspace.
Assessment
This skill appears coherent and local-only: it manages workflows by reading/writing files in a contained folder structure and does not request credentials or network access. Before installing, consider: 1) Back up any existing workspace files you care about (WORKFLOW_LOG.md, memory/index.json, SOUL.md) because the skill expects to append/update them. 2) Review the global rules/docs (AGENT.md, rules/global/*.md) to confirm you accept the strict gate semantics and the claim that some rules 'cannot be overridden by owner instruction' — if you need manual bypasses, plan how you'll signal overrides. 3) Test in a non-production workspace to verify behavior and that the agent's file writes match your expectations. If you need the skill to call external services or require fewer persistent writes, request a variant that limits persistence or exposes explicit owner-controlled override mechanisms.

Like a lobster shell, security has layers — review code before you run it.

latestvk970ctkza0pyj13gv2dwhsk72n84vty4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

⚙️ Clawdis

Comments