Aidlc
v1.0.0AI-Driven Development Life Cycle (AI-DLC) adaptive workflow for software development. Use when: starting a new project, new feature, bug fix, refactoring, mi...
⭐ 0· 62·1 current·1 all-time
byBingWang@sydpz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (AI-driven development workflow) aligns with the instructions: the skill inspects the workspace, loads many internal reference files, creates planning/design/code artifacts, and manages a state and audit log. It requests no unrelated binaries, environment variables, or external credentials.
Instruction Scope
The runtime instructions mandate reading the workspace and (for brownfield/code stages) all relevant code and artifact files, creating an aidlc-docs/ tree, writing/maintaining aidlc-state.md and appending raw user inputs to aidlc-docs/audit.md, and putting all clarifying questions into .md files rather than asking in chat. Those actions are consistent with a development workflow but can capture highly sensitive content (user answers, configs, code) into project files and change the repository; review and control where you run it.
Install Mechanism
Instruction-only skill with no install steps, no external downloads, and no packages — lowest install risk.
Credentials
The skill declares no required environment variables, credentials, or external config paths. It does require read/write access to the workspace (creating aidlc-docs/, state, audit and artifact files), which is proportionate for a code-generation/workflow orchestration skill.
Persistence & Privilege
The skill will persist state and audit artifacts inside the workspace (aidlc-state.md, audit.md, and many aidlc-docs files) and may create backups when recovering. always:false and no autonomous-install flags are set, but the skill will modify repository files — ensure you run it in an appropriate location and review created files.
Scan Findings in Context
[scanner-none] expected: Regex scanner found nothing to analyze; that is expected because this is an instruction-only skill whose behavior is expressed in the SKILL.md and included reference files.
Assessment
This skill is coherent with its stated purpose, but it will read your workspace, create an aidlc-docs/ directory, maintain aidlc-state.md, and append all user inputs verbatim to aidlc-docs/audit.md. Before installing or running: (1) run it only in a repository where writing these files is acceptable (or a disposable/isolated workspace); (2) avoid placing secrets or credentials in question files or in chat answers (the skill records user input verbatim); (3) review any created files before committing/pushing them (audit.md may contain sensitive text); (4) if you don't want the AI to scan your codebase, do not run this skill or run it against a minimal/stripped workspace; (5) be aware it forbids asking clarifying questions in chat and requires you to answer via generated .md files, so follow that workflow. If you want deeper assurance, ask the skill author (or publisher) for explicit behavior around handling of secrets, file overwrite rules, and a sample run in a safe repo.Like a lobster shell, security has layers — review code before you run it.
latestvk97azj3fzvcqkgnpsdzn3gvfk583q1z3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.