PlanSuite
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: plansuite Version: 0.1.3 The OpenClaw AgentSkills skill bundle defines a structured workflow for an AI agent to manage projects, including planning, freezing, and executing tasks. The `SKILL.md` instructions are clear, aligned with the stated purpose, and notably include a recommendation to use `sessions_spawn` for isolated execution, which is a strong security-conscious instruction. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts to subvert the agent, or obfuscation. All file operations are confined to creating and updating specific markdown files (`task_plan.md`, `progress.md`, `findings.md`) within the working directory, which is consistent with its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users relying on provenance should know the embedded metadata appears stale or inconsistent.
The package-internal metadata differs from the supplied registry metadata, which lists a different owner ID and version 0.1.3. Because the skill has no installer or code, this is a provenance note rather than a behavior concern.
"ownerId": "local-author", "slug": "plansuite", "version": "0.1.0"
If publisher identity or exact version provenance matters, verify the package source before installing.
Project details may remain in local Markdown files and be used as context in later work.
The skill deliberately stores task plans, progress, findings, decisions, commands, and rollback steps in persistent local files so they can be reused across sessions.
不要把这三份写到聊天里:写到文件,才能恢复/续跑。
Keep the generated files in the intended project directory, avoid writing secrets into them, and review them before resuming a task.
A separate execution session may receive plan context and perform implementation steps under the user-approved plan.
The workflow may delegate execution to a separate session. This is disclosed and purpose-aligned, but it creates a context boundary users should understand.
建议用 `sessions_spawn` 开一个隔离执行会话(避免污染主会话上下文)。
Only spawn an execution session after reviewing the finalized plan, and review the spawned session's proposed changes and results.