LoR (Loop of Resilience)
v1.0.1A modular 5-step engineering verification loop ensuring reliable execution and output validation for complex tasks like coding and planning.
⭐ 1· 17·0 current·0 all-time
byZhang, Yu-Wei@uwe77
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (a 5-step verification/CoT loop) align with the supplied files: modular engine modules, a setup script, README and tests. There are no unexpected binaries, external service credentials, or unrelated capabilities requested.
Instruction Scope
SKILL.md describes auto-triggering on complex tasks and safety constraints (e.g., require confirmation for destructive ops) but the codebase contains no enforcement for those policies — the skill provides local verification helpers and a verifier that restricts access to the skill directory. The SKILL.md also documents an auto-registration hook ([REGISTER_LOR_SKILL]) which the setup script echoes; actual registration into agent memory depends on the agent implementation. In short: the instructions are descriptive and prescriptive, but much of the enforcement is expected to be handled by the host agent rather than by the skill itself.
Install Mechanism
There is no remote download/install from arbitrary URLs (low risk). The included scripts/setup.sh copies engine/, SKILL.md and package.json into $HOME/.openclaw/skills/lor — a standard local install behavior. This writes files into the user's home directory, so users should verify the repository origin before running the script. No extracted archives, remote binaries, or network fetches are present.
Credentials
The skill requires only Node.js (engine metadata) and declares no environment variables, secrets, or external credentials. The code uses only core Node modules (fs, path) and the verifier restricts file access to the skill root, which is proportionate to a verification utility.
Persistence & Privilege
always:false (default) and there are no privileged manifest flags. The setup script prints a registration hook string intended for agents to add to MEMORY.md; this could lead to the skill being persisted by an agent that follows that convention. That persistence depends on agent behavior — the skill itself does not autonomously persist or modify agent state.
Assessment
This skill appears internally consistent and limited to local verification logic, but before installing you should: (1) verify you trust the repository owner (setup.sh copies files into ~/.openclaw/skills/lor), (2) confirm your agent enforces the SKILL.md safety constraints (the skill doesn't implement confirmation checks itself), (3) review the [REGISTER_LOR_SKILL] registration behavior your agent will perform (so it doesn't auto-enable the skill without your consent), and (4) run the provided tests locally (npm test / node tests/test_lor.js) to ensure behavior is as expected. If you don't trust the source, do not run the setup script or install the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk9711ypkwvnmjzq72czha5209184srr9
License
MIT-0
Free to use, modify, and redistribute. No attribution required.