Validate Agent
v1.0.0Agent验证与质量保证。减少静默系统错误,产出可重现的证据。 触发条件:(1) 完成任务时 (2) 修复问题后 (3) 提供答案前 (4) 跨会话承诺时
⭐ 0· 257·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (agent validation & QA) aligns with the runtime instructions (validation checklist, single-variable changes, 30s verification, promise tracking, proactive-message limits). There are no unexpected credentials, binaries, or external services requested.
Instruction Scope
Instructions are focused on verification practices and are appropriately scoped. One noteworthy point: the instructions tell the agent to record cross-session commitments to a file named promises.md (and enforce a 48-hour expiry). That is coherent with the feature, but the skill metadata does not declare any config path or file access — the agent will be asked to write/read promises.md even though no config path was listed.
Install Mechanism
No install spec or code files are present; this is instruction-only, so nothing will be downloaded or installed by the skill itself.
Credentials
The skill requests no environment variables, credentials, or external tokens. All actions described are local procedural checks and file-based tracking; there are no disproportionate secret requests.
Persistence & Privilege
The skill is not marked always:true and uses default autonomy settings. That is normal. The instructions do require persistent cross-session tracking (promises.md and a 48-hour expiry), so installing it implies the agent will persist commitments to disk — ensure you accept that persistence and file write/read behavior.
Assessment
This skill is an instruction-only agent QA checklist and looks coherent. Before installing: (1) confirm you are comfortable with the agent writing/reading a local file named promises.md (cross-session storage and expiry behavior), and ensure the agent has appropriate filesystem permissions and the intended directory for that file; (2) review and tune thresholds (4s, 30s validation, 3 proactive messages/day) to match your environment; (3) if you need strict auditing, modify the skill to log to a controlled location or declare the config path explicitly; (4) no credentials or network calls are requested, so network/exfiltration risk from the skill itself is low. If you want higher assurance, request the author add an explicit config-path requirement for promises.md and clarify where logs are kept and how expiration is enforced.Like a lobster shell, security has layers — review code before you run it.
latestvk97cmmdpxcrarmw3abyc3fn7ys82mens
License
MIT-0
Free to use, modify, and redistribute. No attribution required.