← Back to Skills Marketplace
shangyankeji

Super Dev Pipeline

by SYHUB · GitHub ↗ · v2.3.0 · MIT-0
cross-platform ⚠ suspicious
313
Downloads
1
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install super-dev
Description
Super Dev pipeline governance: research-first, commercial-grade AI coding delivery with 10 expert roles, quality gates, and audit artifacts.
Usage Guidance
This skill appears internally consistent for a local dev pipeline: it expects a local 'super-dev' CLI and operates on project files and outputs. Before installing or enabling it, do the following: (1) Verify the source and authenticity of the 'super-dev' package (inspect the PyPI/package repo, check maintainer and release history). (2) Review what the installed super-dev binary and the @super-dev OpenClaw plugin actually do (read their code or run in a sandbox) because the Skill grants the agent the ability to run CLI commands and access project files. (3) Avoid placing secrets or cloud credentials in knowledge/ or output/ directories the skill will read. (4) Consider running the package in an isolated environment (container or VM) first. If you cannot inspect the super-dev package or plugin source, treat activation as higher risk.
Capability Analysis
Type: OpenClaw Skill Name: super-dev Version: 2.3.0 The skill bundle defines a comprehensive AI development pipeline but includes a high-risk tool, `super_dev_run`, which is described in `SKILL.md` as allowing the execution of arbitrary CLI commands. While the documentation in `references/commands.md` suggests this is intended for specific pipeline stages (e.g., `super-dev run frontend`), the unconstrained tool definition creates a significant Remote Code Execution (RCE) vulnerability. No clear evidence of intentional malice or data exfiltration was observed, but the broad execution capability is a major security concern.
Capability Assessment
Purpose & Capability
Name/description, declared required binary (super-dev), the listed Tools and the SKILL.md all describe a dev pipeline/governance system and consistently require a local super-dev CLI. Reading project knowledge files and producing output docs is coherent with the stated purpose.
Instruction Scope
Instructions mandate reading local project knowledge (knowledge/, output/*, .super-dev state files) and enforce quality gates and manual confirmation — all reasonable for a pipeline. The skill (and its Tools) also allow running arbitrary CLI commands via super_dev_run, and the agent is expected to perform network research when not offline. That broad host-level capability is consistent with a dev tool but increases risk if the underlying CLI or plugin is malicious or misconfigured.
Install Mechanism
Install spec points to a package install (labelled 'pip install super-dev') rather than an arbitrary download; this is more traceable than a direct URL but still involves installing third‑party code from a package registry (moderate risk). No suspicious download URLs or archive extracts are present in the spec.
Credentials
The skill declares no required environment variables, credentials, or config paths beyond needing the super-dev binary. The files and instructions reference only project-local paths, which are proportionate to a pipeline/governance tool.
Persistence & Privilege
always:false and normal model invocation mean the skill is not force-included and does not request elevated platform privileges. It does instruct installing a plugin and using the local CLI, which is normal for this class of tool and confined to its own scope.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install super-dev
  3. After installation, invoke the skill by name or use /super-dev
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.3.0
No user-visible changes in this version (2.2.1); the SKILL.md remains unchanged.
v2.2.0
- Updated documentation to clarify separation between Plugin and Skill roles, emphasizing Plugin Tool orchestration via OpenClaw. - Stronger and clearer knowledge base contract: each pipeline stage must load and enforce relevant knowledge files and cache, with explicit mappings and constraints. - Step-by-step pipeline now described via Tool calls (e.g. super_dev_pipeline, super_dev_review, super_dev_spec) rather than CLI commands. - Revised first-response template; startup flow, confirmation gates, and recovery instructions streamlined for simpler user guidance. - Strict UI governance and return-workflow rules now summarized in clear tables, including prohibited patterns and recovery actions. - All references to numbered CLI stages and in-depth stage-by-stage descriptions have been simplified in favor of concise, actionable Tool-based workflow.
v1.0.0
super-dev 1.0.0 – Initial release - Introduces a comprehensive AI DevOps pipeline with 10 expert roles and 9 sequential stages, including quality gates and audit artifacts. - Enforces strict workflows: research, three core docs, user confirmation, spec/tasks, frontend-first, then backend/testing/delivery. - Mandates explicit user confirmation gates before proceeding at key stages (core docs, frontend preview, quality review). - Integrates local knowledge as strict constraints for every pipeline step. - Provides detailed user guidance and standard templates for every phase, including how to respond, resume, or revise. - Supports flexible recovery, stage-specific execution, and enforceable rework protocols based on user or quality feedback.
Metadata
Slug super-dev
Version 2.3.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 3
Frequently Asked Questions

What is Super Dev Pipeline?

Super Dev pipeline governance: research-first, commercial-grade AI coding delivery with 10 expert roles, quality gates, and audit artifacts. It is an AI Agent Skill for Claude Code / OpenClaw, with 313 downloads so far.

How do I install Super Dev Pipeline?

Run "/install super-dev" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Super Dev Pipeline free?

Yes, Super Dev Pipeline is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Super Dev Pipeline support?

Super Dev Pipeline is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Super Dev Pipeline?

It is built and maintained by SYHUB (@shangyankeji); the current version is v2.3.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments