Agentic Workflow System
v1.0.0Enables the Agentic Workflow (Kanban + Heartbeat + QA Subagent). Use this when instructed to set up a continuous, asynchronous task system for any agent.
⭐ 0· 261·1 current·1 all-time
byPeng Shu@mashirops
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the runtime instructions: the skill tells the agent to create a TASK_BOARD.yaml, add heartbeat executor logic to HEARTBEAT.md, and use a QA subagent to verify outputs. Nothing requested (no env vars, no binaries, no installs) is out of scope for a workspace-level agentic workflow.
Instruction Scope
Instructions direct the agent to read and write files in the workspace root (TASK_BOARD.yaml and HEARTBEAT.md) and to spawn subagents via sessions_spawn(runtime="subagent"). These actions are consistent with the workflow purpose, but they give the agent authority to modify repository/workspace files and to invoke subagents that will process produced outputs. The skill also requires the agent to remain silent except for DONE/BLOCKED notifications, which reduces user visibility into intermediate actions.
Install Mechanism
Instruction-only skill with no install steps and no code files. Nothing will be downloaded or written by an installer; risk from installation is minimal.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not ask for access to unrelated services or secrets.
Persistence & Privilege
The skill recommends continuous, autonomous heartbeats and spawning subagents, but it does not force always:true or modify other skills/configs. Autonomous invocation and subagent spawning are expected for this purpose, but they increase the agent's operational footprint and potential blast radius if misused.
Assessment
This skill is internally consistent for setting up a workspace-level Kanban + heartbeat + QA subagent workflow and does not request credentials or install code. Before enabling it: (1) review and test the TASK_BOARD.yaml/HEARTBEAT.md changes in a safe/test workspace so you know exactly what will be written and when; (2) confirm that your OpenClaw environment's sessions_spawn/subagent behavior is trusted (subagents will receive outputs and goals you produce); (3) avoid putting sensitive secrets or private data into task payloads that will be passed to subagents; (4) ensure you have audit/logging so you can see actions the agent performs while it's being silent between DONE/BLOCKED messages. No regex scan findings were present (instruction-only), but that doesn't replace manual review of the files the agent will create/modify.Like a lobster shell, security has layers — review code before you run it.
latestvk975c9qqt4tzgq2qqd7e8cvn1x82ybx7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.