← Back to Skills Marketplace
santacruzg282-cyber

Macro Pipeline

by santacruzg282-cyber · GitHub ↗ · v3.0.0
cross-platform ⚠ suspicious
378
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install macro-pipeline
Description
Create and manage macro-task pipelines (QA, roadmaps, feature rollouts) using PIPELINE.md + HEARTBEAT.md pattern. Use when building multi-step project plans...
README (SKILL.md)

Macro Pipeline Skill v3

Architecture

Two files, two locations:

File Location Purpose Mutable?
PIPELINE.md Project repo (~/Documents/proyectos/\x3Cproject>/) State + progress ✅ Yes (subagents update directly)
HEARTBEAT.md Agent workspace (~/.openclaw/workspace-\x3Cagent>/) Instructions (read-only) ❌ No (locked with chflags uchg)

Why PIPELINE in the repo?

  • Subagents work in the repo → can update status without cross-path issues
  • Git-trackable (commits show when steps completed)
  • Eliminates zombie steps from path access failures

Why HEARTBEAT in workspace?

  • Operational instructions for the OpenClaw agent
  • Should not contaminate project code
  • Locked to prevent agents from overwriting their own instructions

PIPELINE.md Format

# PIPELINE — \x3CProject Name>: \x3CPipeline Title>
# Proyecto: ~/Documents/proyectos/\x3Cproject>
# Objetivo: \x3Cone-line goal>
# Creado: YYYY-MM-DD

## Step 1: \x3CTitle> [PENDING]
- engine: claude-code
- description: \x3Cwhat to do>
- files: \x3Ckey files to touch>
- verify: \x3Ccommand that proves step is done>
- artifacts: \x3Coutputs for next steps>

## Step 2: \x3CTitle> [PENDING]
- engine: claude-code
- depends_on: [1]
- description: \x3Cwhat to do>
- verify: \x3Cverification command>

Status values:

  • [PENDING] — not started
  • [RUNNING YYYY-MM-DDTHH:MM] — in progress (with timestamp)
  • [✅ COMPLETED] — done
  • [FAILED] — failed (include error reason)
  • [BLOCKED] — waiting on human or external dependency

Step fields:

  • engine:claude-code | human | deploy
  • depends_on: — list of step numbers that must be ✅ first
  • parallel: — list of steps that can run simultaneously
  • verify: — shell command to validate completion
  • artifacts: — outputs passed to dependent steps
  • files: — key files modified

HEARTBEAT.md Format

# HEARTBEAT — \x3CAgent Name>

> ⚠️ NUNCA modifiques este archivo (HEARTBEAT.md). Es read-only.

## Pipeline activo: ~/Documents/proyectos/\x3Cproject>/PIPELINE.md

## Protocolo cada heartbeat:
1. Lee el pipeline activo (ruta absoluta arriba)
2. Si hay step [PENDING] sin dependencias bloqueadas → ejecútalo
3. Marca [RUNNING YYYY-MM-DDTHH:MM] con timestamp actual
4. Ejecuta: sessions_spawn(task=..., thread=true)
5. Un step por heartbeat máximo

## Zombie Detection
Si un step lleva >2h en [RUNNING], resetear a [PENDING] y reportar.

## En sesión activa con usuario
Priorizar responder. HEARTBEAT_OK.

Cron Setup

Always use CLI, never edit openclaw.json:

openclaw cron add --name "\x3CProject> Pipeline" --agent \x3Cagent-id> --every 30m --message "Heartbeat: lee HEARTBEAT.md y ejecuta siguiente step"

Stagger schedules to avoid collisions:

  • :00/:30 → Group A
  • :15/:45 → Group B

Subagent Task Template

Include in the task prompt:

Al terminar:
1. Actualiza \x3Cabsolute-path-to-PIPELINE.md>: cambia Step X de [RUNNING] a [✅ COMPLETED] con output y artifacts
2. Si fallas, marca [FAILED] con el error
3. Notifica a Discord (action=send, channel=discord, target="channel:\x3Cid>") con resumen

Multiple Pipelines Per Project

An agent can have multiple pipeline files. HEARTBEAT specifies priority order:

Lee PIPELINE_ACTIVE.md (prioritario). Si todos completados, lee PIPELINE.md como fallback.

Parallel Execution

Steps sin dependencias cruzadas pueden ejecutarse en paralelo:

## Step 1: Task A [PENDING]
- parallel: [2, 3]

## Step 2: Task B [PENDING]
- parallel: [1, 3]

## Step 3: Task C [PENDING]
- parallel: [1, 2]

## Step 4: Task D [PENDING]
- depends_on: [1, 2, 3]

El heartbeat puede lanzar múltiples steps paralelos en un mismo ciclo si no hay dependencias.

Git Tagging

Cada step completado debe crear un commit taggeado:

git add . && git commit -m "pipeline/\x3Cproject>/step-\x3CN>: \x3Cstep title>"

Esto da trazabilidad completa del progreso en git log.

Key Rules

  1. PIPELINE.md siempre en el repo — nunca en workspace
  2. HEARTBEAT.md siempre en workspace — nunca en repo
  3. HEARTBEAT es immutable — locked con chflags uchg
  4. Crons vía CLIopenclaw cron add, nunca editar openclaw.json
  5. Un step por heartbeat — evita saturación (salvo paralelos explícitos)
  6. verify: obligatorio — cada step debe tener comando de verificación
  7. Rutas absolutas — siempre usar ~/Documents/proyectos/... en HEARTBEAT
  8. Git tag por step — commit con pipeline/\x3Cproject>/step-\x3CN>: \x3Ctitle>
  9. Parallel explícito — steps sin dependencias pueden correr en paralelo si tienen parallel:
Usage Guidance
This skill appears to do what it says, but check a few practical things before installing: - Platform: HEARTBEAT.md locking uses chflags (macOS/BSD). If your agents run on Linux, the lock instruction won't work as written. - Permissions: the agent must be allowed to edit the project repo (git commit/tag) and to add crons. Test in a non-production repo first. - External notifications: the skill instructs subagents to send summaries to Discord — make sure your agent's Discord integration/credentials exist and that you're OK with pipeline outputs (artifacts/error text) being posted externally. - Paths: the skill assumes a fixed home-path convention (~/Documents/proyectos/). Adjust PIPELINE/HEARTBEAT paths to match your environment. - Safety: because steps can run shell verify commands and produce artifacts, add guardrails (sanitization, limits on what gets posted) to avoid accidental exposure of secrets. If these assumptions match your environment and you add data-posting safeguards, the skill is coherent for its intended purpose.
Capability Analysis
Type: OpenClaw Skill Name: macro-pipeline Version: 3.0.0 The skill is classified as suspicious due to multiple shell injection vulnerabilities and prompt injection vectors. The `SKILL.md` instructs the OpenClaw agent to execute arbitrary shell commands specified in the `verify:` field of `PIPELINE.md`, and also to construct `git commit` messages using user-controlled `<step title>` from `PIPELINE.md`, both of which are direct Remote Code Execution (RCE) risks. Additionally, the `sessions_spawn(task=...)` instruction likely feeds user-controlled content into subagent prompts, creating a prompt injection vector. While these are critical vulnerabilities, there is no explicit evidence of intentional malicious behavior such as data exfiltration of sensitive files, backdoor installation, or unauthorized remote control; the external Discord notification is for operational summaries.
Capability Assessment
Purpose & Capability
The name/description match the instructions: the skill manages PIPELINE.md in a project repo and a HEARTBEAT.md in the agent workspace. Required actions (git commits, cron scheduling, heartbeat-driven execution) are appropriate for a pipeline orchestrator. Minor mismatch: instructions use macOS-specific chflags (to lock HEARTBEAT.md) and expect a specific user path (~/Documents/proyectos/) without an OS restriction; these are implementation assumptions rather than capability issues.
Instruction Scope
SKILL.md gives detailed runtime steps (read PIPELINE.md, mark RUNNING/COMPLETED/FAILED, run verify commands, spawn sessions, create git commits, add crons). These are in-scope for an autonomous pipeline manager. Points to watch: it instructs subagents to notify Discord (external endpoint) and to write artifacts/outputs into the repo — both are expected but could expose sensitive outputs if not restricted. It also references internal runtime calls (sessions_spawn) and a CLI (openclaw cron add); those are plausible for this platform but are assumptions the runtime must provide.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk.
Credentials
The skill declares no required environment variables or credentials. It does assume the agent has permissions to commit to repos, run cron commands, lock files, and (optionally) send messages to Discord via whatever integration the agent already has; those are reasonable operational assumptions but you should confirm the agent's connectors/credentials are present and constrained.
Persistence & Privilege
always is false and the skill does not request persistent system-wide modifications beyond using crons and committing to repos under the user's control. It does not modify other skills' configurations. No elevated or force-inclusion privileges are requested.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install macro-pipeline
  3. After installation, invoke the skill by name or use /macro-pipeline
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.0
**Major architecture update: macro-pipeline v3 introduces a robust, dual-file workflow for managing autonomous, multi-step project pipelines.** - PIPELINE.md now lives in the project repo and stores all pipeline state, enabling subagents to track progress via Git. - HEARTBEAT.md is read-only in the agent workspace, delivering locked operational instructions and preventing accidental modification. - Clear, enforced patterns for status handling, parallel step execution, step verification, cron scheduling, and Git tagging. - Enhanced zombie step detection, cross-path reliability, and multiple pipeline support per project. - Strict separation and immutability rules between pipeline states and agent instructions for safer, traceable automation.
Metadata
Slug macro-pipeline
Version 3.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Macro Pipeline?

Create and manage macro-task pipelines (QA, roadmaps, feature rollouts) using PIPELINE.md + HEARTBEAT.md pattern. Use when building multi-step project plans... It is an AI Agent Skill for Claude Code / OpenClaw, with 378 downloads so far.

How do I install Macro Pipeline?

Run "/install macro-pipeline" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Macro Pipeline free?

Yes, Macro Pipeline is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Macro Pipeline support?

Macro Pipeline is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Macro Pipeline?

It is built and maintained by santacruzg282-cyber (@santacruzg282-cyber); the current version is v3.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments