Generic Quality Gateways for Unattended Agent Development

Pass

Audited by ClawScan on May 1, 2026.

Overview

This instruction-only skill appears to define scoped quality-gate reporting for repositories, with no code, installer, credentials, or hidden network behavior.

This looks safe to install as an instruction-only quality-gate skill. Before using it in a real repository or CI/CD flow, review the `.defs/quality-gateway-definition.json` settings, confirm the report paths, and check generated evidence files before committing or using them to block releases.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may add or update quality report files in the repository, which could appear in version control if not reviewed.

Why it was flagged

The skill is designed to create or update repository-local temporary files and quality reports. This is expected for a reporting skill and is scoped to repository paths.

Skill content

Temporary files MUST go to: `REPO_ROOT/.tmp/quality-gates/` ... Reports MUST be written to repository paths defined in the JSON config

Recommendation

Run it on a working branch or clean workspace, keep output paths scoped, and inspect generated reports/evidence before committing.

What this means

If integrated into CI/CD, failed or misconfigured gates could block a release until the report or thresholds are reviewed.

Why it was flagged

The template supports blocking behavior when a configured quality gate fails. This is consistent with the skill’s quality-gateway purpose, but misconfigured thresholds could affect release decisions.

Skill content

"blockIfAnyBlockingGateFails": true

Recommendation

Review the gate thresholds, weights, and blocking settings before using the generated configuration in an automated pipeline.