← Back to Skills Marketplace
Post Deployment Verifier
by
charlie-morrison
· GitHub ↗
· v1.0.0
· MIT-0
45
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install post-deployment-verifier
Description
Verify deployments are healthy after release — check endpoints, compare response schemas, validate metrics, run smoke tests, verify database migrations, and...
Usage Guidance
This skill appears to implement useful post-deploy checks, but it performs broad environment and system scanning that is not declared. Before installing or letting an agent run it (especially autonomously or in production):
- Inspect the full SKILL.md (and any truncated parts) line-by-line and confirm there are no unexpected network destinations or exfil paths.
- Run the script manually in a safe staging environment to observe exactly what it reads (env, logs, files).
- Remove or restrict the 'env | grep' discovery if you do not want all environment variables examined; prefer an explicit config (.deploy-verify.json) listing endpoints.
- Ensure the agent runs with minimal privileges (non-root) so journalctl/docker logs are limited, or run checks that don't require elevated access.
- Ask the publisher for source/homepage and to declare required env vars and tools (docker, journalctl, rg, python3, git) so you can make an informed consent decision.
If you cannot review or confine its runtime, avoid running this skill in production where environment variables or logs may contain secrets.
Capability Analysis
Type: OpenClaw Skill
Name: post-deployment-verifier
Version: 1.0.0
The skill is a post-deployment verification utility designed to automate health checks, response schema validation, and resource monitoring. It uses standard system tools like curl, docker, and journalctl to inspect service status and logs (SKILL.md). While it scans environment variables for service URLs, it includes safety checks to ensure only HTTP/S endpoints are targeted, and its behavior remains strictly aligned with its stated purpose of deployment verification.
Capability Assessment
Purpose & Capability
The declared purpose (health checks, response validation, metrics, migrations) lines up with the commands in SKILL.md (curl, response parsing, package.json/git lookup, docker logs, journalctl, docker-compose, k8s manifests). However the skill also instructs general environment variable scanning and reading system logs and manifests which expand its scope beyond a simple HTTP smoke-test; these actions can be legitimate for a deployment verifier but should be explicitly declared.
Instruction Scope
The runtime instructions instruct the agent to: enumerate environment variables (env | grep -iE "URL|HOST|ENDPOINT|SERVICE"), scan docker-compose and k8s yaml files, run curl against discovered endpoints, invoke python to fetch/parse JSON, run docker ps/logs, run journalctl/systemctl queries, and use git commands. The SKILL.md therefore reads environment variables and system logs and runs commands that can surface secrets or sensitive data. The skill's declared requirements list no environment access or binaries, so the instructions are broader than the declared surface.
Install Mechanism
Instruction-only skill with no install spec and no code files. That minimizes disk-write/remote-install risk.
Credentials
No required environment variables are declared, but the script probes the environment for any variables matching common host/URL patterns. That is a mismatch: the skill silently reads all env vars and could capture connection strings, tokens, or other secrets. It also reads system-level logs (docker logs, journalctl) without declaring elevated access or required tools.
Persistence & Privilege
always is false, and the skill does not request to modify other skills or system-wide configs. It does attempt operations (journalctl, docker logs, git) that may require elevated permissions, but it does not request persistent privileges or forced installation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install post-deployment-verifier - After installation, invoke the skill by name or use
/post-deployment-verifier - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Post-Deployment Verifier v1.0.0
- Initial release.
- Verifies deployment health by checking service endpoints, response schemas, metrics, error rates, database migrations, and resource usage.
- Provides a full post-deployment verification (`verify`), a fast health check (`quick`), config generation (`config`), and a deployment confidence report (`report`).
- Supports Docker, Kubernetes, Node.js (Prisma, TypeORM, Sequelize), Django, and Rails environments.
Metadata
Frequently Asked Questions
What is Post Deployment Verifier?
Verify deployments are healthy after release — check endpoints, compare response schemas, validate metrics, run smoke tests, verify database migrations, and... It is an AI Agent Skill for Claude Code / OpenClaw, with 45 downloads so far.
How do I install Post Deployment Verifier?
Run "/install post-deployment-verifier" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Post Deployment Verifier free?
Yes, Post Deployment Verifier is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Post Deployment Verifier support?
Post Deployment Verifier is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Post Deployment Verifier?
It is built and maintained by charlie-morrison (@charlie-morrison); the current version is v1.0.0.
More Skills