Test Harness Entry Diagnostics
PassAudited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill Name: bookforge-test-harness-entry-diagnostics Version: 1.0.0 The skill bundle is a legitimate diagnostic tool for software engineers, implementing methodologies from Michael Feathers' 'Working Effectively with Legacy Code'. It provides structured instructions for an AI agent to identify why code is difficult to test and recommends standard refactoring techniques. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; the use of Bash and Grep tools is consistent with the stated purpose of analyzing codebases and running diagnostic tests.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect the codebase, create or modify a test, and run build/test commands locally.
The skill requests code-reading/search tools, shell access, and optional editing so it can create and run diagnostic tests. This matches the stated testing purpose, but users should notice the local command and edit authority.
tools-required: [Read, Grep, Bash]\n tools-optional: [Edit]
Use it on a test branch or disposable workspace, review any proposed edits or shell commands, and avoid running against production-connected configurations.
If the project is configured to use real services, a diagnostic construction test could trigger unintended local or external side effects.
The diagnostic intentionally runs constructor or method code to discover obstacles. In legacy systems, that can trigger side effects such as database connections or slow operations, which the skill itself acknowledges.
The runtime tells you exactly which side effects fire.
Run diagnostics with test doubles, local-only configuration, or a sandboxed test environment before allowing commands that instantiate legacy classes.