Workflow Engine

Structural parity skeleton for queue-driven orchestration in a workflow context.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 771 · 11 current installs · 12 all-time installs

byPedro Gonzalez@plgonzalezrx8

MIT-0

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name and description match the instructions: this is a skeleton workflow/queue orchestrator that reads/writes local queue and ops files. However, the SKILL.md includes installation steps (./install-hooks.sh, openclaw hooks enable) that imply additional artifacts or system changes that are not present in the package. That mismatch is noteworthy but could be legitimate if install artifacts are distributed separately.

Instruction Scope

Runtime instructions direct the agent to read and persist local files (ops/*, ops/queue/*) which is consistent with a queue orchestrator. But the SKILL.md also instructs running an install script and invoking openclaw hooks enable commands that will modify agent hooks/configuration; those steps are outside the normal read/operate-on-queue scope and could change agent behaviour. The skill permits use of Bash as an allowed tool while also claiming 'Never: execute arbitrary shell from user-provided strings' — that is a useful safety constraint but still leaves room for shell actions. The skill itself does not include the install script or hook definitions to audit.

ℹ

Install Mechanism

There is no formal install spec (lowest install risk). However, the SKILL.md provides manual install instructions that reference './install-hooks.sh' and 'openclaw hooks enable'—neither file nor script is included. The absence of provided install artifacts means a user would need to obtain or run external scripts whose contents are unknown.

✓

Credentials

The skill declares no required environment variables, binaries, or config paths. The requested scope of access (reading ops/ and queue files) is proportional to the stated purpose.

Persistence & Privilege

The skill does not force persistent inclusion (always:false), which is good. But its installation guidance explicitly tells operators to enable hooks via 'openclaw hooks enable', which would modify agent-level hook configuration (i.e., system/other-skills behavior). Instructions that change hook configuration are a persistence/privilege concern because they alter agent behavior beyond the skill's own runtime, and the skill package doesn't include the artifacts to inspect before making those changes.

What to consider before installing

This is an instruction-only skeleton that reads/writes local 'ops' and queue files and otherwise behaves as a deterministic orchestrator. Things to consider before installing or running anything: 1) The package contains no install scripts or hook definitions, yet the README tells you to run './install-hooks.sh' and 'openclaw hooks enable' — do not run unknown install scripts; obtain and inspect them first. 2) Enabling hooks modifies agent-wide behavior; only enable them if you trust the source and understand what each hook does. 3) Review any local ops/queue files for secrets before letting the skill read them, and consider running in an isolated/test agent to observe effects. 4) If you need more assurance, ask the publisher for the missing install artifacts, source repository, or a signed release before enabling hooks in production.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97079xxhnt6mxbpag7pjr5n0n81fwh9

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Contract

This skill is intentionally skeleton-only. It provides structure parity with canonical queue orchestration without plugin hooks.

Wave 2 execution parity includes:

Setup derivation phase ordering: detection -> understanding -> derivation -> proposal -> generation -> validation
Required persisted setup artifacts: ops/derivation.md, ops/derivation-manifest.md, ops/config.yaml
In-skill lifecycle emulation routines (not real hook execution):
- session orient
- write-time validation checklist
- stop/session capture persistence

Argument Parsing

Parse arguments in this order:

positional target (optional)
--handoff (boolean)
--batch <id> (optional)
--type <phase> (optional)
unknown flags are non-fatal; report and ignore

If no target is supplied, list candidate inbox files and request explicit selection.

Runtime Loader Requirements

Before doing queue work, load runtime context from:

ops/derivation-manifest.md (if present)
ops/config.yaml (if present)
queue file with fallback precedence:
1. ops/queue/queue.yaml
2. ops/queue/queue.yml
3. ops/queue/queue.json

If no queue file exists, fail safely with actionable remediation.

Safety Constraints

Never:

execute arbitrary shell from user-provided strings
continue processing after parse/load failures
mutate tasks outside declared queue schema fields
call external plugins/hooks (explicitly out of scope)

Always:

validate queue structure before state transitions
make state transitions explicit (extract -> create -> reflect -> reweave -> verify -> done)
produce deterministic handoff text when --handoff is set
preserve resumability by reading persisted queue state first

Scope Boundary

No plugin hooks are implemented in this skeleton. Lifecycle behavior is emulated in-skill to preserve deterministic execution semantics only.

Installation

To install the workflow-engine and enable its hooks:

# Clone or navigate to the workflow-engine directory
cd workflow-engine

# Run the install script to set up hooks
./install-hooks.sh

# Or manually enable hooks via openclaw
openclaw hooks enable session-orient
openclaw hooks enable write-validate
openclaw hooks enable session-capture

Files

2 total

Select a file

Select a file to preview.

Comments

Loading comments…