← Back to Skills Marketplace
79
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install nm-pensive-tiered-audit
Description
Audit a codebase using three escalation tiers: git history analysis, targeted deep-dives, and full codebase review with gating
Usage Guidance
This skill appears coherent with its stated purpose, but check a few practical things before installing: (1) Confirm you are comfortable with the agent running git commands and reading repository files (it will read flagged source files and some plugin/skill metadata like CLAUDE.md). (2) Review what 'night-market.imbue:proof-of-work' config means in your environment — ensure it doesn't contain secrets you don't want an agent to access. (3) Be aware the skill writes findings to .coordination/agents/*.findings.md — verify your workflow for handling those artifacts (they should not be auto-committed/published unless you intend it). (4) Tier 3 requires explicit user approval; keep that guard enabled if you want to avoid full-codebase audits without confirmation.
Capability Analysis
Type: OpenClaw Skill
Name: nm-pensive-tiered-audit
Version: 1.0.0
The skill bundle implements a structured, three-tier codebase audit process (git history, targeted deep-dives, and full review). It uses standard, read-only git commands (e.g., `git log`, `git diff`) to identify churn hotspots and instability patterns, and it includes a mandatory user-approval gate before escalating to the most resource-intensive tier. No evidence of data exfiltration, malicious execution, or prompt injection was found; the logic is entirely consistent with its stated purpose of code quality assessment.
Capability Assessment
Purpose & Capability
The name/description (tiered audit) match the runtime instructions: Tier 1 runs git history commands, Tier 2 reads flagged source files, Tier 3 is gated for full codebase review. The only declared requirement (night-market.imbue:proof-of-work) is referenced by the SKILL.md (output contracts / imbue modules), so it appears relevant.
Instruction Scope
Instructions explicitly run git commands, read source files in flagged areas, and write findings into .coordination/agents/*.findings.md — all expected for an audit. The doc instructs the agent to 'Load area context from plugin CLAUDE.md and skill descriptions,' which could cause the agent to open other plugin/skill metadata files in the repository; this is coherent for context-gathering but worth noting as broader file access within the repo.
Install Mechanism
There is no install spec and no code files. This is instruction-only, so nothing is downloaded or written by an installer. Risk from installs is low.
Credentials
The skill requests no environment variables or external credentials. It does declare a required config path (night-market.imbue:proof-of-work) which is referenced in the documents; this appears proportionate to the output-contract / gating mechanisms and not excessive.
Persistence & Privilege
The skill writes findings files into .coordination/agents/*.findings.md within the repository. It does not request always:true or system-wide privileges. Ensure you are comfortable with the agent creating/writing those files in your repo and that the agent is not set to auto-commit or publish these files without review.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nm-pensive-tiered-audit - After installation, invoke the skill by name or use
/nm-pensive-tiered-audit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the tiered-audit skill for codebase auditing.
- Implements a three-tier process: Git history analysis (Tier 1), targeted deep-dives (Tier 2), and full codebase review with gating (Tier 3).
- Designed for escalation based on codebase risk, starting with git analysis and escalating only if needed.
- Output contract and evidence requirements defined for each tier, with file-based coordination of findings.
- Not intended for individual file reviews or architecture-only audits; see documentation for alternatives.
Metadata
Frequently Asked Questions
What is Nm Pensive Tiered Audit?
Audit a codebase using three escalation tiers: git history analysis, targeted deep-dives, and full codebase review with gating. It is an AI Agent Skill for Claude Code / OpenClaw, with 79 downloads so far.
How do I install Nm Pensive Tiered Audit?
Run "/install nm-pensive-tiered-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Nm Pensive Tiered Audit free?
Yes, Nm Pensive Tiered Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Nm Pensive Tiered Audit support?
Nm Pensive Tiered Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Nm Pensive Tiered Audit?
It is built and maintained by athola (@athola); the current version is v1.0.0.
More Skills