Test Sentinel
v0.1.2Writes and runs tests (unit, integration, E2E), performs linting, and auto-fixes failures
⭐ 1· 889·2 current·2 all-time
byGuilherme Favaron@guifav
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is described as a test-writing/running/fixing assistant for Next.js + Vitest + Playwright projects. The claw.json declares Node/npx and filesystem permissions which are appropriate for running tests and editing the repository. (Minor metadata incongruence: the registry summary earlier listed no required binaries while claw.json lists node and npx.)
Instruction Scope
SKILL.md explicitly instructs the agent to read source files, write tests, run npx vitest/playwright, fix code, run linters, and commit changes. Those actions are within the stated purpose, but they grant the agent broad authority to modify repository code and run arbitrary test commands. There are no instructions to read unrelated system paths or to send data to external endpoints.
Install Mechanism
This is instruction-only and has no install steps or remote downloads. Low risk: nothing will be written to disk by an installer beyond what the agent does when executing the repo-editing workflow.
Credentials
The skill declares no required environment variables or credentials. The SKILL.md references Supabase/Firebase as dependencies for tests but recommends mocking them; it does not request cloud credentials. Permissions for filesystem access are justified by the need to read and modify source and test files.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. However, the agent is instructed to make and commit code changes; if you allow autonomous invocation the skill can modify your repo without per-change approval. This is expected for a code-fixing QA skill but worth controlling via policy or manual review.
Assessment
This skill appears coherent for automated testing and repair of a Node-based repo. Before installing: (1) ensure node and npx are available on the host; (2) be aware the agent will read and modify repository files and run test/lint commands — require manual review or a branch/PR workflow if you don't want automatic commits; (3) confirm tests are configured to mock external services and will not use production credentials or data; (4) run the skill in a sandbox or on a separate branch initially to verify behavior. If you prefer the agent not to commit autonomously, disable autonomous invocation or require explicit user approval for changes.Like a lobster shell, security has layers — review code before you run it.
latestvk977jsn0rfr578g3y6n8z0w0c583e9w4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.