ClawHub

qa-engineer-assistant

v1.0.0

This skill should be used when the user is a QA/test engineer needing help with any testing task. Covers the full testing workflow: understanding requirement...

0· 12·0 current·0 all-time
by@guolongganga
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (QA assistant covering test-case design, API/UI script generation, bug reports) match the provided SKILL.md, reference docs, and the included gen_api_test.py generator. Nothing requested (no env vars, binaries, or config paths) is out of scope for a QA tooling skill.
Instruction Scope
SKILL.md instructions stay within the stated purpose: design test cases, generate pytest/Playwright boilerplate, and produce bug-report content using the included reference templates. Instructions do not tell the agent to read unrelated system files, exfiltrate data, or contact unexpected external endpoints.
Install Mechanism
No install spec is provided (instruction-only plus one helper script). The included Python script is local and generates test files; there are no downloads or external install URLs that would write or execute arbitrary remote code.
Credentials
The skill declares no required environment variables or credentials. The only credential-like content is placeholder test credentials in the generated conftest (clearly marked TODO). That is proportionate to a test-suite generator but requires user replacement before use.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or modify other skills/configs. The generator writes test files to a user-specified output directory (./tests by default), which is expected behavior for a code generator.
Assessment
This skill appears coherent and not malicious, but take these precautions before running it: 1) Inspect the generated files (tests and conftest.py) and replace the placeholder base_url, username, and password with safe test credentials — do not run against production systems. 2) The generator will write files to the chosen output directory (default ./tests); ensure you run it in an appropriate workspace and commit only what you intend. 3) If you use the generated tests, review network targets and sensitive data handling (tokens, logs) before executing in CI. 4) No environment variables or remote installs are required by the skill itself; treat the included code as a local boilerplate generator and validate it per your security policies.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c9t3brfshnmc5awhd771h8584c585

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments