Improvement Gate
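v1.1.1
Use when a change has been executed and you need to verify whether it should be kept, when a candidate is marked pending and needs human approval, or when you want to view the pending-review queue. 6-layer mechanical gate: Schema→Compile→Lint→Regression→Review→HumanReview, where Schema/Compile/Regression/Review are blocking layers (failure means rejection), L...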
by_silhouette@lanyasheng
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (six-layer validation + human-review CLI) align with the provided CLI scripts and tests. The skill only requires execution artifacts and ranking inputs as described; it does not request unrelated credentials or binaries. Minor note: some layer category checks reference 'code' in human-review logic while SchemaGate VALID_CATEGORIES does not include 'code' — this is an internal consistency quirk but not a security mismatch.
Instruction Scope
SKILL.md instructs running local Python scripts (gate.py, review.py) and using a state directory for review JSON files; the scripts only read/write local state, validate artifact structure, run simple lint/compile checks, and create/complete review JSONs. There are no instructions to call external endpoints or read unrelated system secrets. One operational caution: CompileGate calls py_compile on a supplied target_path (from the execution artifact), which will open local files — expected for syntax checking but worth being aware of.
Install Mechanism
Instruction-only skill with included scripts and tests; no install spec, no external downloads, and no package installs. Low-risk from an install perspective.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The included code does not attempt to read environment secrets. It reads/writes a local state tree (review JSON files), which is proportionate to the human-review functionality.
Persistence & Privilege
always is false and the skill does not request permanent platform-wide privileges. It persists review requests to a local state directory (expected behavior) and does not modify other skills' configs. Agent autonomous invocation is allowed by default but this is standard and not specific to this skill.
Assessment
This skill appears to do what it says: run a 6-layer mechanical gate and manage a human-review queue via local JSON state. Before installing, ensure the repository's lib.common and lib.state_machine modules (imported by the scripts) are from a trusted source, since they determine state-directory layout and timestamping. Also be aware that CompileGate will attempt to compile the file path supplied in the execution artifact (it opens local files for syntax checking)—this is expected but means execution artifacts should come from your trusted executor, not from arbitrary external inputs.
Like a lobster shell, security has layers — review code before you run it.
