← Back to Skills Marketplace
PMP-Agentclaw
by
CyberneticsPlus
· GitHub ↗
· v1.0.3
732
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install pmp-agentclaw
Description
AI project management assistant for planning, tracking, and managing projects using industry-standard methodologies. Use when asked to plan projects, track s...
Usage Guidance
This skill appears to implement the advertised project-management features and does not request credentials or perform external network calls. Things to check before installing:
- Verify source/repository: the package.json points to a GitHub URL but the registry metadata shows Source: unknown and Homepage: none. If possible, inspect the repository on GitHub (or obtain the author’s repository) and confirm it matches the package contents.
- Clarify the SKILL.md 'install' metadata: SKILL.md contains an install entry (kind: download) but no download URL or install spec was provided in the registry — ask the publisher whether an external installer is required. Prefer building/installing from the code you reviewed rather than permitting an automatic remote download.
- Run locally in an isolated environment first: build (npm install / npm run build) and run the CLI commands locally (node dist/cli/*) to confirm behavior. This also prevents any surprise network activity from an unreviewed installer.
- Be cautious when supplying file or directory paths to the CLI (--file or projectDir): the CLI will read those files to compute EVM/risks/health — don't point it at system directories or credentials. Only provide project files you intend to analyze.
- If you need higher assurance, review the omitted source files (remaining core/health implementation) and run the code through static scanners locally. Because no scan findings were detected in the provided metadata, that absence is not a guarantee — local verification is recommended.
Overall: coherent and proportionate for a PM assistant, with a small metadata/install inconsistency to resolve and a general recommendation to verify the GitHub source and install from the reviewed code in a sandboxed environment.
Capability Analysis
Type: OpenClaw Skill
Name: pmp-agentclaw
Version: 1.0.3
The skill bundle provides legitimate project management functionalities, including CLI tools for earned value management, risk scoring, velocity tracking, and project health checks. It is classified as 'suspicious' due to the inherent risk of file system access in `dist/cli/health-check.js` and `dist/cli/score-risks.js`. These tools can read user-specified directories or JSON files, which, if misused by an AI agent or a malicious user, could lead to unauthorized exposure of file existence, metadata, or content (for JSON files). While this capability is plausibly needed for the skill's stated purpose, it represents a vulnerability in how the AI agent might interpret or be prompted to use these functions, rather than intentional malice within the skill's code itself. No evidence of data exfiltration, persistence, or other malicious intent was found.
Capability Assessment
Purpose & Capability
The name/description (project management: EVM, risk scoring, velocity, health checks, WBS, Gantt, RACI) align with the included source, compiled dist files, templates, and CLI commands. The only oddity: SKILL.md frontmatter includes an 'install' entry (id: pmp-agent-install, kind: download) but the registry metadata/install specifications shown to me do not include a download URL or install spec — the package itself contains code and local templates and requires only Node. This is likely a documentation metadata mismatch rather than a capability problem.
Instruction Scope
Runtime instructions (SKILL.md) direct the agent to follow 15 PM rules and to load templates/configs from the skill directory ({baseDir}/configs, {baseDir}/templates). The CLI code reads files the user expressly provides (--file) and resolves a project directory for health checks; there are no instructions to read unrelated system files, environment secrets, or to phone home. Behavior stays within the project-management domain.
Install Mechanism
The package is primarily instruction + included code (dist/ compiled JS present). There is no registry install spec that downloads arbitrary code at runtime. The SKILL.md contains an 'install' metadata item that claims a download install (kind: download) but no download URL or external host is present in the repo or files examined. That inconsistency should be clarified (documentation mismatch) but there is no evidence of a high-risk remote installer or obfuscated download.
Credentials
The skill requests no environment variables or credentials and the code doesn't reference external secrets or cloud credentials. CLI tools accept file paths and project-dir inputs (user-specified), which is expected for a PM utility. No disproportionate secret access is requested.
Persistence & Privilege
Metadata flags: always=false (not force-included), disable-model-invocation=false (normal), user-invocable=true. The skill does not request elevated or persistent system privileges and does not modify other skills' configs. Autonomous invocation is allowed by default on the platform but this skill does not combine that with other high-risk behaviors.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install pmp-agentclaw - After installation, invoke the skill by name or use
/pmp-agentclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
- Added package-lock.json for dependency tracking.
- Updated rule instructions: WBS and Gantt chart generation now reference only templates, not CLI commands.
- Rule 14: Health check command updated from `npx pmp-agent health-check` to `npx pmp-agentclaw health-check`.
- No functional code or behavioral changes; documentation and config improvements only.
v1.0.2
- Simplified all project management rules for clarity and beginner accessibility.
- Rewrote guidance on cost, schedule, and risk tracking with plain-language formulas and color-coded alerts.
- Revised the RACI, stakeholder communication, and change control processes for easier real-world use.
- Added new templates and config files for communications, stakeholder analysis, change requests, and common PM tasks.
- Ensured every rule and guideline is actionable with clear steps and examples.
- No changes were made to underlying calculations or TypeScript API usage.
v1.0.0
- Initial release of pmp-agentclaw, an AI project management assistant.
- Supports planning, tracking, and management for predictive (waterfall), adaptive (agile), and hybrid project methodologies.
- Automates creation of project charters, work breakdown structures, Gantt schedules, risk registers, RACI matrices, and status reports.
- Provides tools for earned value management, sprint ceremonies, stakeholder management, and formal change control.
- Enforces 15 rules to ensure adherence to industry-standard project management practices.
- Includes TypeScript API for EVM, risk scoring, and velocity calculations.
Metadata
Frequently Asked Questions
What is PMP-Agentclaw?
AI project management assistant for planning, tracking, and managing projects using industry-standard methodologies. Use when asked to plan projects, track s... It is an AI Agent Skill for Claude Code / OpenClaw, with 732 downloads so far.
How do I install PMP-Agentclaw?
Run "/install pmp-agentclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is PMP-Agentclaw free?
Yes, PMP-Agentclaw is completely free (open-source). You can download, install and use it at no cost.
Which platforms does PMP-Agentclaw support?
PMP-Agentclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created PMP-Agentclaw?
It is built and maintained by CyberneticsPlus (@cyberneticsplus); the current version is v1.0.3.
More Skills