Quality-Driven Development (QDD)
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only coding workflow is purpose-aligned and shows no hidden install, credential use, persistence, or data exfiltration, though it may run project tests and change code as expected.
This skill appears safe for normal coding assistance. Before installing, be aware that it is designed to run tests/coverage and make code changes during development tasks; keep work under version control and review any dependency, logging, or configuration changes before accepting them.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may run the project's tests or coverage tooling and may change source or test files as part of the requested development task.
The workflow tells the agent to run local project commands such as coverage and test commands; this is expected for a coding quality skill, but users should be aware that project commands execute code in the local environment.
Measure current test coverage (run coverage command if available)
Use it in the intended repository, preferably with version control active, and review the SPEC, command results, and diffs before accepting changes.
The skill may suggest or add a logging framework when a project lacks one, which could affect dependencies and project configuration.
The logging-framework step could lead to adding a new dependency or project configuration; this is purpose-aligned, but dependency additions should be explicit and reviewed.
if none exists, recommend and set up one
Ask the agent to request approval before adding dependencies, and review any package choice, version, and configuration change.