PRE Engineering Skill
PassAudited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill Name: pre-engineering Version: 1.0.0 The 'pre-engineering' skill bundle is a legitimate framework designed to initialize and manage a multi-agent collaborative workflow (Plan-Review-Execute). It uses standard system tools like git for version control, date for logging, and cron-based loop management for agent persistence, all of which are aligned with its stated purpose of project orchestration. The skill includes defensive mechanisms such as loop prevention to avoid deadlocks and safety checks to prevent accidental file overwrites, and it contains no evidence of data exfiltration, malicious execution, or harmful prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Project files may be inspected during setup, and some inferred details may be written into the generated .pre documents.
The setup workflow may read local project files to infer requirements. This is expected for a project-initialization skill, but it can expose project details to the agent context and generated documents.
Auto-scan project directory to infer available information... Auto-scan README.md, design docs, package.json, requirements.txt, etc.
Use this only in the intended project directory, choose manual entry if the repo contains sensitive unrelated documents, and review generated .pre files before starting agents.
Once launched, agents may change source files and could introduce unwanted bugs or design choices.
The Executor role is explicitly designed to make code changes under the project source path. This matches the skill's engineering purpose but is still local mutation authority.
Formulate own execution plan based on Planner's requirement and approach — plan autonomously then code... Deliverable files should be placed under the project code path (../src)
Start from a clean git state, keep backups or a baseline commit, and review diffs/commits before relying on the generated changes.
If the user starts the loops, agents can continue operating until DONE or until cancelled.
The workflow uses persistent loop tasks for multiple agents. The artifacts disclose this and include cancellation guidance, so it is not hidden persistence.
Planner, Executor, and Reviewer each have independent loop tasks, all need independent job ID recording... Pause: Execute `/schedule-cancel <job-id>`
Record every job ID, cancel loops when pausing work, and confirm the latest collaboration-log status before leaving agents unattended.
A modified collaboration log could cause agents to enter the wrong phase or act on misleading instructions.
The persistent collaboration log controls what each agent does. This is the intended coordination mechanism, but untrusted edits to the log could influence future agent actions.
`Status: <status_code>` — The status code is the sole basis for agents to determine execution conditions
Keep .pre/collaboration-log.md under trusted control, review unexpected log entries, and avoid accepting untrusted changes to the .pre directory.