ClawHub

Skill Eval Preflight

v1.0.0

Validate OpenClaw skills during authoring. Use when creating, revising, or preparing a skill for release and you need to scaffold `evals/` files, check readi...

1· 152·0 current·0 all-time
byStone Chen@stonechen1014
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the included scripts and files. The scripts only operate on a target skill directory (SKILL.md, evals/*.json, run outputs). No unrelated environment variables, binaries, or external services are required.
Instruction Scope
SKILL.md instructs running local Python scripts that validate/initialize eval files and generate static run artifacts. The scripts read and write files within the provided skill directory (SKILL.md, evals/, runs/). They do not access system credentials, home-wide config, or external endpoints.
Install Mechanism
No install spec or remote downloads are present; this is an instruction-only skill with included Python scripts. Nothing is pulled from external URLs or package registries during install.
Credentials
The skill requests no environment variables, credentials, or config paths. The scripts only use file-system access to the provided skill directory, which is appropriate for the stated purpose.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It writes output under evals/runs/<run-group>/<mode> and comparison artifacts under the run-group—this is expected behavior for an evaluator and does not modify other skills or system-wide settings.
Assessment
This skill appears coherent and appropriate for authors: it reads SKILL.md and evals/ files and creates eval scaffolding and run artifacts under the target skill directory. Before installing or running: (1) review the included Python scripts yourself (they are small and local) to confirm you trust operations that read/write files in the target directory; (2) run the tools on a copy or a non-production repo if you want to avoid creating run folders in-place; (3) note the scripts do not perform network calls or require credentials, so there is low risk of secret exfiltration. If you need the agent to run this autonomously, remember autonomous invocation is allowed by default—only enable that if you trust the skill and its inputs.

Like a lobster shell, security has layers — review code before you run it.

evalvk97ep18gvevw7ybx7nmes41ybx82vvgalatestvk97ep18gvevw7ybx7nmes41ybx82vvgapreflightvk97ep18gvevw7ybx7nmes41ybx82vvgareadinessvk97ep18gvevw7ybx7nmes41ybx82vvgaskill-authoringvk97ep18gvevw7ybx7nmes41ybx82vvgatrigger-coveragevk97ep18gvevw7ybx7nmes41ybx82vvga

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments