Core Executing Plans
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is an instruction-only development workflow for executing coding plans in batches with human checkpoints; its code-changing behavior is disclosed and purpose-aligned.
Before installing or invoking, make sure the implementation plan is one you trust, run it on a branch where changes can be reviewed or reverted, and review the required `core-finishing-branch` sub-skill because it participates in the final workflow.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When invoked, the agent may make and commit code changes while carrying out the plan.
The workflow explicitly tells the agent to execute plan tasks and commit code, which can modify the user's repository. This is expected for a plan-execution development skill and is paired with validation.
按顺序执行任务,每个任务: ... 验证任务完成 ... 提交代码
Use it on a reviewed plan and preferably on a feature branch; inspect changes at checkpoints before allowing the next batch.
The final behavior depends partly on another skill that is not described in this artifact.
The skill delegates final completion to another named skill. That is disclosed, but users should understand that the separate sub-skill also becomes part of the trusted workflow.
**REQUIRED SUB-SKILL:** 使用 `core-finishing-branch`
Review and trust `core-finishing-branch` before relying on this workflow for real repository changes.