ClawHub

Improvement Executor

v1.0.0

当需要把已批准的改进候选应用到目标文件、回滚之前的变更、或预览变更效果时使用。支持 4 种 action(append/replace/insert_before/update_yaml),每次变更前自动备份。不用于打分(用 improvement-discriminator)或门禁验证(用 improvemen...

0· 55·0 current·0 all-time
by_silhouette@lanyasheng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (apply accepted candidates, rollback, preview) matches the included scripts (execute.py, rollback.py) and tests. The actions are document-focused (append/replace/insert/update YAML frontmatter) which align with required behavior; nothing extraneous (no cloud or unrelated service credentials) is requested.
Instruction Scope
The SKILL.md CLI exactly matches the scripts and describes using a ranking artifact and candidate-id. The scripts will read and write arbitrary filesystem target paths provided in the ranking artifact (create backups first). This is expected for an executor but is high-impact: you must only run it with trusted ranking.json / candidate inputs and an appropriate state-root to avoid unintended file modifications.
Install Mechanism
Instruction-only skill with no install spec. The package includes Python scripts and tests; nothing is downloaded or extracted at install time.
Credentials
No required env vars are declared. The code does optionally read OPENCLAW_ROOT (rollback.py) to form a default DEFAULT_ROOT under the user's home if present; PyYAML is imported at runtime in update_yaml_frontmatter (falls back to an error status if missing). These implicit dependencies are reasonable but not declared in SKILL.md (minor mismatch).
Persistence & Privilege
always is false and the skill does not request permanent platform-wide privileges. It writes artifacts into a specified state-root (or default under ~/.openclaw) and does not modify other skills' configuration. Autonomous invocation is allowed by default but not unusual for a toollike skill.
Assessment
This skill is internally consistent and appears to do what it says: it applies and reverts document-style improvements by writing to files and creating backups. Before installing or running it: (1) ensure the ranking.json / candidate inputs are trusted — the script will modify whatever target path is specified; (2) choose an explicit --state-root (or verify the default ~/.openclaw path) so backups and executions are written where you expect; (3) be aware update_yaml_frontmatter requires PyYAML to actually modify frontmatter; if you plan to run rollback, note the script will look under OPENCLAW_ROOT if set; (4) review the repo's lib.common and lib.state_machine implementations in your environment (these are imported but not included here) because they control backup behavior and state updates. If any of those dependencies or inputs are untrusted, run with --dry-run first or in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ap1qej0hhty3gez2m06yrpx849ybe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments