Project Developer
v1.0.0Software Developer Project Skill — coordination, workflow, and team interoperation for FE and BE developer agents working on managed software projects. Use t...
⭐ 0· 56·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name and description describe developer coordination, Asana/gitting conventions, PR/QA handoff and escalation procedures. The SKILL.md contains only prose about behaviours and explicitly delegates technical operations (git, Asana API, language-specific work) to separate skills. It does not request unrelated environment variables, binaries, or other capabilities, so the declared requirements line up with the stated purpose. Note: the registry metadata lists no homepage and an unknown source; that affects provenance but not internal coherence.
Instruction Scope
Runtime instructions are limited to process, comments, branch naming, escalation and handoff procedures. The document repeatedly instructs the agent to rely on installed Asana/Git/stack skills for network/API/git operations and does not direct the agent to read arbitrary files, environment variables, or external endpoints on its own. There is no vague 'gather whatever context you need' language — instructions are procedural and scoped to team coordination.
Install Mechanism
No install spec and no code files that execute — this is instruction-only, so nothing is written to disk or downloaded. That is the lowest-risk installation model and is proportionate for a coordination/behavioral skill.
Credentials
This skill itself requires no environment variables or secrets, which is appropriate. However the SKILL.md expects separate Asana/Git/stack skills to be installed; those dependency skills will likely require credentials (Asana PAT, git host tokens, etc.). Review those dependency skills for requested credentials and scopes before enabling the overall workflow.
Persistence & Privilege
always is false and model invocation is enabled (the platform default). The skill does not request permanent system-level presence or modify other skills' configs. Autonomous invocation is appropriate for a workflow/agent behavior skill; there are no additional privilege escalations requested by this skill.
Assessment
This skill is an instruction-only playbook for how a developer agent should behave and is internally coherent. Before installing: (1) Verify the provenance — owner/source has no homepage listed; consider whether you trust the publisher. (2) Inspect and vet the dependency skills (Asana, Git, and any stack skills) because those will perform network and credentialed operations — confirm they request only the minimal scopes/tokens needed. (3) Confirm organizational policies for automated agents posting comments, creating branches, or opening PRs (permissions and audit trails). (4) Because this skill enables autonomous coordination, be cautious about granting broad repository or project board write permissions to the agent via dependency skills; prefer least privilege (token scopes) and logging/approval workflows for merges. If you want stronger assurance, ask the publisher for a source repo or homepage and review the implementations of the Asana/Git skills it expects to call.Like a lobster shell, security has layers — review code before you run it.
latestvk977vzyhxea9wywtdr9ghk4z4h84p6g6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.