ClawHub

Multi Step Workflow

v4.4.5

Professional SOP with Machine-Gated Planning, Native-CLI Config, and Audit-Hardened Private Sandbox Storage.

0· 253·1 current·1 all-time
by@chyern

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chyern/multi-step-workflow.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Multi Step Workflow" (chyern/multi-step-workflow) from ClawHub.
Skill page: https://clawhub.ai/chyern/multi-step-workflow
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: node, openclaw
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install multi-step-workflow

ClawHub CLI

Package manager switcher

npx clawhub@latest install multi-step-workflow
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (node, openclaw), and included scripts (approve, task-tracker, context-snapshot, path-resolver) are coherent: the skill manages plans, gating, local snapshots, and uses the OpenClaw CLI for its own config entries.
Instruction Scope
Runtime instructions stay local: they instruct running included node scripts and using openclaw config get/set on the skill's own config path. Note: context snapshots include project_root (process.cwd()) and 'findings' as raw data; if enabled, snapshots may store sensitive content from the task (this is documented and default is off).
Install Mechanism
Instruction-only with bundled small scripts and no external download/install steps. No archive downloads or remote install URLs; lowest-risk install footprint.
Credentials
The skill requests no environment variables or external credentials. It uses the OpenClaw CLI to read/write its own config entries, which is appropriate for a skill that can configure sub-agent behavior.
Persistence & Privilege
always is false. The skill writes files only under a per-project /tmp subdirectory it creates with 0700 and sets files to 0600 where possible. It modifies only its own OpenClaw config path as instructed. Autonomous invocation is permitted by default (expected).
Assessment
This skill appears to do what it says: manage multi-step plans, gate execution via an approval script, and optionally save local snapshots. Before installing: 1) Review and be comfortable with openclaw CLI access because the skill reads/writes skills.entries.multi-step-workflow.config; only allow this if you trust the OpenClaw environment. 2) Keep useSnapshots disabled unless you trust local disk: snapshots include project_root and raw 'findings' and could capture secrets from task data. 3) The code is small and local—inspect scripts (approve.js, context-snapshot.js, task-tracker.js, path-resolver.js) yourself; they perform only filesystem ops and set restrictive permissions, and contain no network calls. 4) On non-POSIX filesystems (or restricted environments), chmod behavior may differ—verify file protections meet your requirements. 5) If you expect the skill to spawn sub-agents, verify the OpenClaw config controls are set as you intend (useSubAgents, maxSubAgents) and that the environment prevents unwanted OS/network commands. If you discover any hidden network code or additional required env vars not listed here, re-evaluate (that would raise suspicion).

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsnode, openclaw
latestvk9747h46f6e3bwds2epgnmn0jh84zp3x
253downloads
0stars
59versions
Updated 1w ago
v4.4.5
MIT-0
@chyern
latest
Download

Standard Task SOP (High-Trust Edition)

Follow this adaptive workflow to ensure task reliability and professional-grade execution.

Phase 0: Triage & Analyze

  1. Analyze: Assess task scope within the workspace.
  2. Threshold Check:
    • Simple Path: < 3 steps. Direct execution.
    • Standard Path: >= 3 steps. Follow Path B.

[Path A] Simple Path

  1. Confirm intent -> Execute -> Report. DONE.

[Path B] Standard Path (Machine-Gated)

For complex engineering, act as a Manager and ensure all workers are Sandboxed.

Phase 1: Confirm

Summarize your understanding and align on the objective.

Phase 2: Create Plan

  1. Decompose: Register steps in task-tracker.js.
  2. Parallelize: Identify independent sub-tasks for delegation.
  3. Draft Plan: Create implementation_plan.md. Be explicit about worker scope.

Phase 3: Obtain Approval (Planning Mode - THE GATE)

[!IMPORTANT] YOU ARE IN PLANNING MODE.

  1. Present plan. MUST YIELD and wait for user approval.
  2. GATING: Once approved, YOU MUST RUN: node scripts/approve.js "<task>"
  3. DO NOT modify any files until this symbolic gate script is run.

Phase 4: Execute (Autonomous Loop)

[!TIP] YOU ARE IN AUTONOMOUS LOOP.

  1. Sequential by Default: Execute the plan steps sequentially yourself.
  2. Configurable Sub-agents: BEFORE parallelizing work:
    • Check Configuration: Run openclaw config get skills.entries.multi-step-workflow.config.
    • Initialization: If config is empty or errors, run openclaw config set skills.entries.multi-step-workflow.config '{"useSubAgents": false, "maxSubAgents": 3, "useSnapshots": false}' --strict-json.
    • Modify Configuration (if needed): Run openclaw config set skills.entries.multi-step-workflow.config.<key> <value> --strict-json.
    • Defaults (if missing): useSubAgents: false, maxSubAgents: 3.
    • If useSubAgents is false, DO NOT use spawn.
    • If useSubAgents is true, you may use spawn (limit: maxSubAgents).
    • RESTRICTION: Do NOT use spawn for arbitrary OS commands or network scanning.
  3. Progress: Mark steps done. Report each step and IMMEDIATELY move to the next.
  4. Context Preservation (Anti-Amnesia):
    • Check useSnapshots: Run openclaw config get skills.entries.multi-step-workflow.config (Default: false).
    • Execute (Only if useSnapshots is true): If you extract a crucial finding OR if the task is taking many turns: node scripts/context-snapshot.js save "<task>" "<findings>" "<pending>" ["<last_error_log>"]
    • Self-Healing: If you suspect context compaction, run node scripts/context-snapshot.js load to recover.

Phase 5: Validate

Verify results (tests, results). If a worker fails, go back to Phase 4.

Phase 6: Review

Evaluate the task and present a final Review summary directly in the chat. Highlight what was done well, what was problematic, and any critical lessons learned. DO NOT auto-write to any memory files. Simply display your review and ask the user if they would like this experience saved to their long-term memory.

Phase 7: Complete

Task finished. Clean up state if necessary.

Comments

Loading comments...