nhadaututtheky

Rune

by NGUYEN VIET NAM · GitHub ↗ · v2.15.0 · MIT-0
cross-platform ⚠ suspicious
Downloads: 452
Stars: 0
Active Installs: 1
Versions: 15
Install in OpenClaw
/install rune-kit
Description
Performs adversarial red-team analysis on approved plans to identify edge cases, security risks, scalability issues, error paths, and integration risks befor...
Usage Guidance
What to check before installing:
- Confirm source/trust: The SKILL.md points to a GitHub repo and docs site, but the registry entry lists 'Source: unknown' and no homepage. Verify the upstream repository and maintainer identity (open the repo URL, inspect commit history, stars, and releases). Do not install unless you trust the publisher.
- Inspect code files: The bundle includes src/index.ts and multiple scripts. If possible, open and grep for network calls, hardcoded endpoints, command execution (child_process/exec), or references to tokens. Search for 'curl', 'gh api', 'fetch(', 'axios', 'exec(', 'spawn(', 'process.env.' and review what would be transmitted externally.
- Prompt injection artifacts: SKILL.md contains patterns that could try to override agent/system prompts. Manually review the raw skill docs for any instructions that attempt to change system-level behavior or tell the agent to ignore prior system instructions.
- Secrets & tokens: Although no env vars are declared, several workflows reference GitHub API usage and other external integrations that will require tokens (GITHUB_TOKEN, service API keys). Do not supply repository or organization-level tokens to the skill unless you understand and accept the exact scope of operations. Prefer granting minimal-scope tokens and run initial scans in a throwaway/test repo.
- File writes: The skill will read and write files under the repo (e.g., .rune/, assets/, AUDIT-REPORT.md). If you install in a sensitive repo, review writes first or run in a clone. Consider enabling version control hooks or running the skill in a sandboxed branch.
- Least privilege: If you must use it, run the skill with least privilege (no org-scoped tokens, restrict network access if your environment supports it) and monitor outbound traffic.
- Ask for provenance: If you want to proceed, request the author/homepage (the SKILL.md references github.com/rune-kit/rune and docs — verify those links resolve to the same code bundle).
If you cannot verify the upstream repo and release, treat the package as untrusted. If you want, I can (1) list the specific files/lines that call external APIs or run shell commands, (2) search the code for any occurrences of 'process.env', 'GITHUB_TOKEN', 'curl', or exec, or (3) extract the raw SKILL.md and highlight the exact prompt-injection snippets for manual review.
Capability Analysis
Type: OpenClaw Skill
Name: rune-kit
Version: 2.15.0
The Rune skill bundle is a highly sophisticated and well-documented framework for AI-assisted development, implementing a mesh of 63 specialized skills. It features robust defensive mechanisms, including 'sentinel' for security gating, 'hallucination-guard' to prevent AI-generated import errors, and a dedicated 'integrity-check' skill (in skills/rune-integrity-check.md) designed to detect indirect prompt injection and memory poisoning in persisted state files. The architecture emphasizes process discipline through a 'skill-router' (in src/index.ts) and includes explicit risk disclosures for high-risk operations, such as the use of unofficial APIs in the Zalo extension. All high-privilege capabilities, such as file system access and command execution, are strictly aligned with the framework's stated purpose of providing a reliable, multi-session development environment.
Capability Tags
crypto, requires-wallet, can-make-purchases, requires-oauth-token, requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The skill metadata/descriptions highlight the 'adversary' red‑team function, but the published bundle is a full 63‑skill mesh (router, orchestrators, utilities, extension packs) covering diverse functionality (audit, autopsy, asset-creator, CI checks, etc.). That broad scope is coherent for a 'mesh' product but is inconsistent with the short description you provided if you expected a single-purpose red-team helper. Nothing in the package requests unrelated cloud credentials up front, but the mesh clearly intends to perform repository scanning, file reads/writes, and external API calls (e.g., GitHub API) that are beyond a narrow 'adversary-only' tool.
Instruction Scope
The SKILL.md and included skill documents instruct the agent to read many project files, run grep/gh/curl commands, write files into project dirs (e.g., .rune/, assets/), and call other internal skills. Those behaviors are expected for a project-auditing mesh, but the runtime docs contain detected prompt-injection strings (e.g., 'ignore-previous-instructions', 'system-prompt-override', unicode control characters). Prompt‑injection patterns in the skill guidance can be abused to try to override host policy or evaluation context; this is an unusual and risky artifact that should be examined. Also several steps suggest calling GitHub APIs or running CLI tools that may require secrets (GITHUB_TOKEN) even though no env vars are declared.
Install Mechanism
There is no install spec (instruction-only), which is lower risk than remote downloads. However, the bundle contains multiple code files (src/index.ts and JS scripts). The lack of an install spec plus presence of runnable source is a mild inconsistency: reviewers should confirm how/where this code will execute on the platform. No external downloads or URL-based installers were declared.
Credentials
Registry metadata declares no required environment variables or primary credential. Yet the instructions reference operations that commonly need credentials (e.g., GH API via gh or curl using GITHUB_TOKEN, possibly outbound calls to other services). The absence of declared env requirements is not necessarily malicious, but it is a discrepancy you should expect to encounter when the skill is used (it may prompt for tokens at runtime).
Persistence & Privilege
The package does not request 'always: true' and leaves autonomous invocation enabled (default). It instructs writing to project-local directories (e.g., .rune/, assets/) which is consistent with its purpose. No evidence it modifies other skills' configs or requests system-wide persistent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install rune-kit
  3. After installation, invoke the skill by name or use /rune-kit
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.15.0
• feat(v2.15.0): Second Opinion + Cross-Provider + Routing Clarity
v2.14.0
• chore(release): sync version + skill count across docs/index.html, ROADMAP, README, marketplace.json for v2.14.0
• feat(v2.14.0): Deep Modules — improve-architecture skill + 5 mesh hardening
• fix(plugin): move marketplace description to root + add schema ref
• feat(ba): logic-consistency check + artifact triad (v0.8.0)
• fix(ci): biome lint auto-format for openclaw-adapter tests
v2.13.0
• feat(v2.13.0): Script Contract + @rune-pro/media pack
• chore: remove GitNexus references from config
• docs: refresh VISION for v2.12 runtime discipline + retroactive Apr-02 wave entry
• docs(skills): add 'Use when...' clauses to 7 ambiguous-name skills
• docs: add getting-started, skill index, signals, troubleshooting + templates
• fix(ci): fix ClawHub publish and GitHub Release re-run
v2.12.3
- Added new "graft" skill, expanding the mesh to 62 skills and 215+ connections.
- Introduced onboard and session bridge scripts for enhanced automation and invariants handling.
- Updated architecture and documentation to reflect the new skill and increased connections.
- General improvements and maintenance across multiple existing skills and extension packs.
v2.10.0
v2.10.0 — graft skill (port features from external repos), Feature Map system (plan v1.4.0), 23 active mesh signals, 62 skills, 215+ connections
v2.8.0
Anti-Loop Intelligence — 7 skills enriched with loop detection, saturation analysis, error pattern matching, artifact folding, budget-aware progression
v2.7.0
Deep Knowledge release — 8 core skills enriched with battle-tested patterns, Pro packs deep enrichment v1.2.0
v2.4.0
Scripts bundling: compiler copies scripts/ dirs, resolves {scripts_dir} placeholder. New slides skill (L3) with build-deck.js demo. 60 skills, 530 tests.
v2.3.1
feat: /rune list discovery command + L4 extension auto-suggest in skill-router
v2.3.0
v2.3.0: context-pack L3 skill, output contracts on all L1-L2 skills, terminal guardrails
v2.2.6
v2.2.6: +retro skill, gstack enrichments (WTF self-regulation, completeness scoring, scope lock, destructive command guard), clean listing page
v2.2.4
v2.2.4: Workflow Registry 4-view (plan), NEXUS Handoff Templates (team/cook), wave-based execution, 4-layer test methodology. From agency-agents, CLI-Anything, GSD.
v2.2.3
v2.2.3: Enriched test/debug/skill-forge/security from superpowers (89k★). CI doctor fix.
v2.2.2
58 skills, 200+ mesh connections, 14 extension packs. UI/UX Pro Max integration.
v1.0.0
Initial release of the rune-kit "adversary" skill for pre-implementation plan analysis.
- Introduces an adversarial skill that stress-tests approved plans across 5 dimensions: edge cases, security, scalability, error propagation, and integration risk.
- Ensures every plan is challenged with at least one specific attack vector per dimension, with findings referenced to specific plan sections.
- Integrates with other Rune skills for specialized analysis (security, scalability, integration).
- Automates triggering based on plan document creation and is callable via direct invocation or from other skills (e.g., during task decomposition).
- Designed to catch plan flaws before code is written, improving workflow resilience.
Metadata
Slug rune-kit
Version 2.15.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 15
Frequently Asked Questions

What is Rune?

Performs adversarial red-team analysis on approved plans to identify edge cases, security risks, scalability issues, error paths, and integration risks befor... It is an AI Agent Skill for Claude Code / OpenClaw, with 452 downloads so far.

How do I install Rune?

Run "/install rune-kit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Rune free?

Yes, Rune is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Rune support?

Rune is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Rune?

It is built and maintained by NGUYEN VIET NAM (@nhadaututtheky); the current version is v2.15.0.
