HITL Protocol — Workflows and Human Decisions for Autonomous Agents
v0.7.2
HITL Protocol — the open standard for human decisions in autonomous agent workflows. When a website or API needs human input, it returns HTTP 202 with a revi...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name and description (HITL protocol for agents and services) match the SKILL.md content. The skill requests no binaries, env vars, or installs and only provides guidance for handling HTTP 202 review flows, polling, SSE, webhooks, and inline messaging — all coherent with its purpose.
Instruction Scope
SKILL.md contains detailed runtime instructions (detect 202, forward review_url, poll or use SSE, verify webhook signatures). These are within HITL scope. A few places require implementer judgement (e.g., what auth headers to use when polling, exposing a callback endpoint), which could lead to insecure implementations if the agent developer is careless. The guide explicitly warns not to log sensitive fields and to require HTTPS for review URLs.
Install Mechanism
No install spec, no code files to write or execute. Instruction-only skills are low-risk from an install mechanism perspective.
Credentials
The skill declares no required environment variables or credentials. It shows example patterns (HMAC secret for webhook verification, auth headers for polling) that are proportional and expected for webhook or authenticated poll flows; these are presented as implementation details rather than required skill-level secrets.
Persistence & Privilege
Skill is not marked always:true and does not request persistent system presence or modify other skills. It is instruction-only and thus does not demand elevated platform privileges.
Assessment
This skill is a protocol specification and implementation guide — it appears coherent and appropriate for agents and services implementing human-in-the-loop flows. Before using it in production, ensure your agent: (1) does not log or store sensitive form fields, (2) only forwards review URLs over HTTPS and to the intended human/recipient, (3) protects any webhook callback endpoints and stores webhook HMAC secrets securely if you expose one, and (4) respects rate limits when polling. If you plan to allow autonomous agent invocation with network access, review which services the agent will contact and ensure you trust them, because the agent will forward review URLs and may poll or accept callbacks on their behalf.
Like a lobster shell, security has layers — review code before you run it.
