← Back to Skills Marketplace
AI Skill Creator (EN)
by
JohnSmithfan
· GitHub ↗
· v1.1.0-en2
· MIT-0
128
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install ai-skill-creator
Description
AI公司 Skill 创作工作流(CTO MLOps + CISO securitystandard版)。当需要从头create新 Skill(包括初始化目录结构、编写 SKILL.md、引用文件、脚本资源、securityreview、quality gate)时使用。trigger关键词:createSkil...
README (SKILL.md)
\r \r
AI Skill 创作工作流(CTO × CISO standard)\r
\r
executerole:Skill 开发者(CTO 技术栈 + CISO security护栏)\r 版本:v1.0.0(CTO-001 MLOps 生命cycle × CISO-001 securityreview)\r compliance状态:✅ CISO securityreview后publish,⚠️ prohibit跳过security门禁\r \r ---\r \r
核心principle\r
\r
- CTO MLOops 生命cycle:所有 Skill 必须走6phasestandardprocess\r
- CISO security门禁:每个phase内置security检查,security未通过不得进入下1phase\r
- 零信任架构:所有脚本/资源必须经过securityreview,prohibit引入恶意代码\r
- 渐进式披露:SKILL.md 精简(\x3C500行),详细文档放 references/\r \r ---\r \r
Agent 调用接口(Inter-Agent Interface)\r
\r
版本:v1.1.0(新增接口层)\r securityConstraint:接口本身零新增攻击面,所有输入参数均经过verify\r \r ---\r \r
接口身份\r
\r
| 属性 | 值 |\r
|------|-----|\r
| 接口 ID | skill-creator-v1 |\r
| 调用方式 | sessions_send / sessions_spawn (isolated) |\r
| 会话Goal | isolated(强制隔离,防止交叉污染)|\r
| 最低permission | L3(可读 workspace,可写 skills/) |\r
| CISO Constraint | 🚨 securityreview任务(security-review)必须 CISO-001 authorize |\r
\r
---\r
\r
TASK 消息格式\r
\r
{\r
"skill": "ai-skill-creator",\r
"version": "1.1.0",\r
"task": "\x3Ctask-type>",\r
"params": { ... },\r
"context": {\r
"caller": "\x3Ccaller-agent-id>",\r
"priority": "\x3CP0|P1|P2|P3>",\r
"security-review-required": true,\r
"isolated": true\r
}\r
}\r
```\r
\r
### 可用 Task 类型\r
\r
| Task | 参数 | 返回 | Description |\r
|------|------|------|------|\r
| `create` | `name`, `description`, `version`, `risk-level`, `caller` | `{dir, status}` | create新 Skill |\r
| `design-review` | `skill-name`, `design-doc`, `caller` | `{issues[], status}` | design文档review |\r
| `security-review` | `skill-path`, `caller`, `authorization` | `{cvss, flags[], verdict}` | 🚨 CISO authorizesecurityreview |\r
| `quality-gate` | `skill-path`, `gate-level` | `{passed[], failed[], verdict}` | quality gate检查 |\r
| `package` | `skill-path`, `output-dir` | `{artifact, checksum}` | 打包为 .skill |\r
| `publish` | `skill-path`, `slug`, `version`, `changelog` | `{url, version}` | publish到 ClawHub |\r
\r
### Task 参数 Schema\r
\r
#### `create` 参数\r
\r
```json\r
{\r
"name": "string (required, [a-z][a-z0-9-]{2,64})",\r
"description": "string (required, >50 chars, describes triggers + actions)",\r
"version": "string (required, semver X.Y.Z)",\r
"risk-level": "low | medium | high | critical",\r
"caller": "string (required, agent ID of requester)",\r
"refs": {\r
"design-doc": "string (optional, path to references/design.md)",\r
"security-notes": "string (optional, security considerations)"\r
}\r
}\r
```\r
\r
**输入verify规则**:\r
- `name`:正则 `^[a-z][a-z0-9-]{2,64}$`,prohibit `..`、`/`、空格\r
- `description`:长度 > 50 字符,否则rejectcreate\r
- `version`:semver 格式verify,不符则reject\r
- `risk-level`:`critical` trigger强制 CISO 双审\r
\r
#### `security-review` 参数\r
\r
```json\r
{\r
"skill-path": "string (required, absolute path to skill dir)",\r
"caller": "string (required, agent ID)",\r
"authorization": "string (required, must be CISO-001 for critical/high)",\r
"scan-depth": "basic | full (default: full)"\r
}\r
```\r
\r
**authorizeverify**:\r
```python\r
# 伪代码verify逻辑\r
if params["skill-path"].contains(".."):\r
raise PermissionError("Path traversal rejected")\r
\r
if risk_level == "critical" and params["authorization"] != "CISO-001":\r
raise PermissionError("Critical risk requires CISO-001 authorization")\r
\r
if not params["skill-path"].startswith(trusted_base_dirs):\r
raise PermissionError("Skill path outside trusted directories")\r
```\r
\r
### 返回值 Schema\r
\r
```json\r
{\r
"status": "success | error | pending | rejected",\r
"task": "\x3Ctask-type>",\r
"result": { ... },\r
"meta": {\r
"reviewer": "\x3Cagent-id>",\r
"duration-ms": "\x3Celapsed>",\r
"cvss-score": "\x3Cif security-review>",\r
"verdict": "APPROVED | CONDITIONAL | REJECTED"\r
}\r
}\r
```\r
\r
### 错误码\r
\r
| Code | Meaning | Action |\r
|------|---------|--------|\r
| `E_NAME_INVALID` | Skill 名称不compliance | 返回verify错误,不create |\r
| `E_PATH_TRAVERSAL` | path含 `..` | reject,reportsecurity incident |\r
| `E_UNAUTH` | 未authorizeexecutesecurityreview | reject,notify CISO |\r
| `E_CVSS_HIGH` | CVSS ≥ 7.0 | rejectpublish,trigger修复process |\r
| `E_GATE_FAILED` | quality gate未通过 | 返回 failed 项列表 |\r
| `E_DUPLICATE` | Skill slug 已存在 | reject,建议新名称 |\r
\r
### Agent 间调用示例\r
\r
```markdown\r
# CTO-001 请求create Skill\r
sessions_send(sessionKey="cto-isolated", message="\r
skill: ai-skill-creator\r
task: create\r
params:\r
name: pdf-processor\r
description: PDF processing skill. Triggers: read PDF, split PDF, merge PDF, rotate PDF.\r
version: 1.0.0\r
risk-level: low\r
caller: CTO-001\r
security-review-required: false\r
")\r
\r
# CISO-001 请求securityreview\r
sessions_send(sessionKey="ciso-isolated", message="\r
skill: ai-skill-creator\r
task: security-review\r
params:\r
skill-path: C:/Users/Admin/.qclaw/skills/pdf-processor\r
caller: CISO-001\r
authorization: CISO-001\r
scan-depth: full\r
")\r
```\r
\r
### securityConstraint(接口层)\r
\r
```\r
🚨 接口security红线:\r
• skill-path 参数reject任何含 .. 的path(path遍历defend)\r
• authorization 字段仅接受 CISO-001 签名的review任务\r
• 隔离execute:所有 agent 调用必须在 isolated 会话中运行\r
• 日志脱敏:返回结果不得含 caller 私人data\r
• 最小respond:返回结果仅包含必要字段,不暴露内部实现\r
```\r
\r
### 与其他 Skill 的接口关系\r
\r
| 调用方 | Task | trigger条件 |\r
|--------|------|---------|\r
| **CTO-001** | `create`, `package`, `publish` | 新 Skill 开发立项 |\r
| **CISO-001** | `security-review` | securityreviewauthorize |\r
| **CQO-001** | `quality-gate` | 质量验收 |\r
| **ai-skill-maintainer** | `create` (子 Skill) | 维护process需新建子 Skill |\r
| **ai-skill-optimizer** | `quality-gate` | optimize后质量复验 |\r
\r
---\r
\r
## 6phase创作process(MLOps Lifecycle for Skill)\r
\r
### Phase 0 — 准备:create目录结构\r
\r
**强制使用 init_skill.py 脚本**,prohibit手动 mkdir:\r
\r
```powershell\r
# Windows\r
python.exe \x3Copenclaw_path>\skills\skill-creator\scripts\init_skill.py \x3Cskill-name> --path ~/.qclaw/skills\r
\r
# Linux/macOS\r
python3 \x3Copenclaw_path>/skills/skill-creator/scripts/init_skill.py \x3Cskill-name> --path ~/.qclaw/skills\r
```\r
\r
生成结构:\r
```\r
~/.qclaw/skills/\x3Cskill-name>/\r
├── SKILL.md # 主文件(必需)\r
├── scripts/ # 可execute脚本\r
├── references/ # 参考文档\r
└── assets/ # 静态资源\r
```\r
\r
> ⚠️ **CISO security规则**:不得在 `resources/openclaw/config/skills/` 下create Skill(系统目录,会在update时清空)\r
\r
---\r
\r
### Phase 1 — 需求analyze(Ideation)\r
\r
**输入**:用户描述 Skill 用途、trigger场景、GoalFunction\r
\r
**输出**:Skill design文档(写入 `references/design.md`)\r
\r
**必须回答**:\r
1. Skill 的核心Function是什么?trigger条件是什么?\r
2. 需要哪些工具permission?(read/write/exec/network)\r
3. 是否涉及敏感data?(PII/凭证/密钥)\r
4. 最小permissionprinciple:能否用更少的permission实现?\r
5. Skill 之间的依赖关系?\r
\r
**CISO securityassess(Phase 1 输出)**:\r
\r
| assess项 | 问题 | 决策 |\r
|--------|------|------|\r
| 敏感data访问 | 是否读取 MEMORY.md/USER.md/SOUL.md? | 🚨 需明确Description用途 |\r
| 外部网络 | 是否调用外部 API? | 🚨 列出域名/IP |\r
| 命令execute | 是否需要 exec/bash? | 🚨 列出所需命令 |\r
| 凭证请求 | 是否要求用户提供密钥? | 🚨 reject,优先用环境变量 |\r
| 文件写入 | 写入范围是否限定在 workspace? | ✅ 是,❌ 否则重design |\r
\r
**security决策**:任意 🚨 项未resolve → 停止,notify用户\r
\r
---\r
\r
### Phase 2 — 架构design\r
\r
**输出**:`references/architecture.md`\r
\r
**designstandard**:\r
\r
#### SKILL.md 结构standard\r
```markdown\r
---\r
name: \x3Cskill-name>\r
version: X.Y.Z\r
description: | # 必需,描述trigger时机和Function范围(>50字)\r
\x3Ctrigger关键词> → \x3Cexecute动作>\r
当用户\x3C做什么>时trigger,execute\x3C什么Function>\r
metadata:\r
{"openclaw":{"emoji":"\x3Cemoji>","os":["linux","darwin","win32"]}}\r
---\r
\r
# \x3CSkill 名称>\r
\r
## Overview(\x3C10行)\r
\r
## 核心Function(模块化,每个\x3C50行)\r
\r
## security考虑(如有)\r
\r
## 常见错误\r
```\r
\r
#### Frontmatter 必需字段\r
\r
| 字段 | 要求 | 示例 |\r
|------|------|------|\r
| `name` | 英文小写+连字符 | `pdf-processor` |\r
| `version` | semver X.Y.Z | `1.0.0` |\r
| `description` | >50字,描述trigger时机 | 见上方模板 |\r
| `metadata.openclaw.emoji` | 1个 emoji | `"🔒"` |\r
| `metadata.openclaw.os` | 支持的 OS | `["linux","win32"]` |\r
\r
#### 目录结构standard\r
- ✅ `SKILL.md`(必需)\r
- ✅ `scripts/`(可选,脚本需测试)\r
- ✅ `references/`(可选,详细文档放此处)\r
- ✅ `assets/`(可选,静态资源)\r
- ❌ `README.md`(prohibit)\r
- ❌ `CHANGELOG.md`(prohibit)\r
- ❌ `INSTALLATION_GUIDE.md`(prohibit)\r
\r
**CISO security架构review**:\r
\r
| 威胁类型(STRIDE)| defend措施 |\r
|-----------------|---------|\r
| **S**poofing | Skill 名称不得伪造系统命令 |\r
| **T**ampering | 所有文件path需verify,不接受动态path拼接用户输入 |\r
| **I**nfo Disclosure | prohibit在 Skill 中硬编码密钥/令牌 |\r
| **D**enial of Service | prohibit无限循环/递归的文件操作 |\r
| **E**levation | permission不得超出design范围 |\r
\r
---\r
\r
### Phase 3 — 实现(Implementation)\r
\r
**输出**:完整的 `SKILL.md`、`scripts/`、`references/`、`assets/`\r
\r
#### SKILL.md 编写standard\r
\r
**描述字段(description)必须包含**:\r
1. **trigger关键词**(用户说什么会激活此 Skill)\r
2. **execute动作**(Skill 做什么)\r
3. **文件格式**(输入/输出文件类型)\r
4. **security边界**(如果涉及敏感操作)\r
\r
**Body 编写principle**:\r
- 使用命令式/不定式语气("Use X to do Y","Do not use Z")\r
- 避免冗余解释(Claude 已经很聪明)\r
- 代码示例优先于文字Description\r
- 引用文件链接到 `references/`(渐进式披露)\r
\r
#### 脚本编写standard\r
\r
**必须遵守**:\r
```markdown\r
## 脚本security红线(🚨 违反即reject)\r
\r
🚫 prohibit:\r
• curl/wget 到未知 URL\r
• 将data发送到外部服务器\r
• 请求凭证/令牌/API密钥(环境变量接收除外)\r
• 读取 ~/.ssh ~/.aws ~/.config 等敏感目录\r
• 访问 MEMORY.md USER.md SOUL.md IDENTITY.md\r
• 使用 base64 decode 未知内容\r
• 使用 eval()/exec() handle外部输入\r
• 修改 workspace 外的系统文件\r
• 安装包但不列出所需依赖\r
• 网络调用到裸 IP(非域名)\r
• 混淆代码(压缩/编码/混淆)\r
• 请求enhancepermission/sudo\r
• 访问浏览器 cookie/session\r
```\r
\r
**脚本必须包含**:\r
1. 用途Description(注释)\r
2. 输入参数Description\r
3. 输出Description\r
4. 错误handle\r
5. security检查(如适用)\r
\r
#### 资源文件standard\r
\r
| 资源类型 | 存放位置 | standard |\r
|---------|---------|------|\r
| 参考文档 | `references/` | >100行需加目录导航 |\r
| 脚本 | `scripts/` | 需可execute测试 |\r
| 静态资源 | `assets/` | 不加载到上下文 |\r
\r
---\r
\r
### Phase 4 — securityreview(Security Review)\r
\r
> ⚠️ **强制门禁**:CISO review必须通过,否则prohibitpublish\r
\r
**reviewprocess**:\r
\r
#### Step 1:代码review(MANDATORY)\r
\r
逐文件review,查找以下 **RED FLAGS**:\r
\r
```\r
🚨 REJECT IMMEDIATELY IF YOU SEE:\r
─────────────────────────────────────────\r
• curl/wget → 未知 URL\r
• data发送 → 外部服务器\r
• 凭证请求 → 密钥/令牌\r
• 读取 ~/.ssh ~/.aws ~/.config\r
• 访问 MEMORY/USER/SOUL/IDENTITY.md\r
• base64 decode → 未知内容\r
• eval() / exec() → 外部输入\r
• 修改 workspace 外文件\r
• 安装包 → 未列依赖\r
• 网络调用 → 裸 IP\r
• 混淆代码\r
• 请求 sudo/enhancepermission\r
• 访问浏览器 cookie\r
• 接触凭证文件\r
─────────────────────────────────────────\r
```\r
\r
#### Step 2:permissionassess\r
\r
| permission类型 | 检查项 | 决策 |\r
|---------|--------|------|\r
| 文件读取 | 列出所有读取path | verify合理性 |\r
| 文件写入 | 列出所有写入path | 限定 workspace |\r
| 命令execute | 列出所有命令 | verify必要性 |\r
| 网络访问 | 列出所有域名/IP | verify可信度 |\r
\r
#### Step 3:依赖扫描\r
\r
```bash\r
# 检查脚本中声明的依赖\r
# Node.js: npm list \x3Cpackage>\r
# Python: pip freeze | grep \x3Cpackage>\r
# verify无已知 CVE(CVSS ≥ 7.0)\r
```\r
\r
#### Step 4:漏洞评分(CVSS)\r
\r
| CVSS | 严重性 | 决策 |\r
|------|--------|------|\r
| 9.0-10.0 | Critical | 🚫 rejectpublish |\r
| 7.0-8.9 | High | 🚫 rejectpublish,修复后重审 |\r
| 4.0-6.9 | Medium | ⚠️ notify用户,可修复后publish |\r
| 0.1-3.9 | Low | ✅ 通过 |\r
\r
#### Step 5:STRIDE 威胁建模\r
\r
| 威胁 | assess问题 | defendplan |\r
|------|---------|---------|\r
| S | Skill 名称是否可被劫持? | prohibit与系统命令同名 |\r
| T | path参数是否可注入? | verify输入,reject `../` |\r
| R | 操作是否可否认? | record操作日志(引用文件) |\r
| I | 敏感data是否泄露? | PII 过滤,密钥不放代码 |\r
| D | 是否有 DoS risk? | 资源restrict,超时中断 |\r
| E | permission是否超出最小permission? | review工具permission列表 |\r
\r
**securityreviewreport模板**:\r
\r
```\r
════════════════════════════════════════════════════\r
SKILL SECURITY REVIEW REPORT\r
════════════════════════════════════════════════════\r
Skill: \x3Cname>\r
Version: \x3Cversion>\r
Reviewer: CISO-001\r
Date: \x3CISO date>\r
────────────────────────────────────────────────────\r
🔴 RED FLAGS: [None / List with CVSS scores]\r
\r
🟡 PERMISSIONS REVIEW:\r
• Files Read: [list]\r
• Files Write: [list]\r
• Commands: [list]\r
• Network: [list]\r
\r
🟢 STRIDE MODELING:\r
• S (Spoofing): [Pass/Fail] — \x3Creason>\r
• T (Tampering): [Pass/Fail] — \x3Creason>\r
• R (Repudiation):[Pass/Fail] — \x3Creason>\r
• I (Info Disclosure): [Pass/Fail] — \x3Creason>\r
• D (Denial of Service):[Pass/Fail] — \x3Creason>\r
• E (Elevation): [Pass/Fail] — \x3Creason>\r
\r
📊 CVSS SCORE: \x3CX.Y> (\x3Cseverity>)\r
────────────────────────────────────────────────────\r
VERDICT: [✅ APPROVED / 🚫 REJECTED / ⚠️ CONDITIONAL]\r
\r
ACTION ITEMS: [list if any]\r
════════════════════════════════════════════════════\r
```\r
\r
---\r
\r
### Phase 5 — quality gate(Quality Gate)\r
\r
**CTO 强制quality gate(全部通过方可publish)**:\r
\r
| 质量门 | 检查项 | 工具/方法 | 通过standard |\r
|--------|--------|---------|---------|\r
| **G0** 文件结构 | 目录结构符合standard | 人工检查 | 4个目录齐全 |\r
| **G1** Frontmatter | YAML 格式正确,必需字段存在 | 解析 YAML | name/description/version/emoji 齐全 |\r
| **G2** 描述质量 | description > 50字,含trigger关键词 | 人工review | 包含trigger时机+execute动作 |\r
| **G3** security扫描 | 无 RED FLAGS,无高危漏洞 | Phase 4 review | CVSS \x3C 7.0 |\r
| **G4** 文档完整性 | 核心process有Description,引用文件有链接 | 人工review | 无悬空引用 |\r
| **G5** 脚本测试 | scripts/ 下脚本可execute | 实际运行测试 | 零报错 |\r
\r
**Quality Gate Checklist**(save至 `references/quality-gate.md`):\r
\r
```markdown\r
## Quality Gate Checklist\r
\r
- [ ] G0: 目录结构正确(SKILL.md + scripts/ + references/ + assets/)\r
- [ ] G1: Frontmatter 完整(name, version, description, emoji)\r
- [ ] G2: description > 50字,含trigger关键词\r
- [ ] G3: CISO securityreview通过(CVSS \x3C 7.0,STRIDE 无 FAIL)\r
- [ ] G4: references/ 中文档有链接Description,无悬空引用\r
- [ ] G5: 所有 scripts/ 脚本已测试,零报错\r
- [ ] G6: SKILL.md \x3C 500行(渐进式披露正确)\r
- [ ] G7: 无prohibit文件(README.md/CHANGELOG.md 等)\r
```\r
\r
---\r
\r
### Phase 6 — 打包与publish(Package & Publish)\r
\r
**使用 package_skill.py 打包**:\r
\r
```powershell\r
# Windows\r
python.exe \x3Copenclaw_path>\skills\skill-creator\scripts\package_skill.py \x3Cpath/to/skill-folder> \x3Coutput-dir>\r
\r
# Linux/macOS\r
python3 \x3Copenclaw_path>/skills/skill-creator/scripts/package_skill.py \x3Cpath/to/skill-folder> \x3Coutput-dir>\r
```\r
\r
**打包脚本自动execute**:\r
1. ✅ verify YAML frontmatter 格式\r
2. ✅ 检查 Skill 命名standard\r
3. ✅ verify目录结构\r
4. ✅ 检查 description 完整性\r
5. ✅ confirm文件组织\r
6. ✅ 打包为 `.skill` 文件\r
\r
**publish到 ClawHub**:\r
\r
```bash\r
# 登录(如需publish到公共仓库)\r
clawhub login\r
\r
# publish\r
clawhub publish ./\x3Cskill-name> \\r
--slug \x3Cskill-name> \\r
--name "\x3CSkill 显示名称>" \\r
--version X.Y.Z \\r
--changelog "\x3C变更Description>"\r
```\r
\r
**publish前最终检查**:\r
\r
```markdown\r
## publish前 Checklist\r
\r
- [ ] CISO securityreviewreport已生成(Phase 4)\r
- [ ] Quality Gate 全部通过(Phase 5)\r
- [ ] .skill 包文件已生成\r
- [ ] 版本号符合 semver(X.Y.Z)\r
- [ ] Changelog 已写入(如果已有历史版本)\r
- [ ] ClawHub slug 已confirm唯1性\r
```\r
\r
---\r
\r
## 快速参考\r
\r
### trigger命令\r
\r
```\r
"create Skill" / "新建Skill" / "开发 Skill" / "create1个Skill包"\r
```\r
\r
### 自然语言指令映射\r
\r
| 用户请求 | execute动作 |\r
|---------|---------|\r
| "create1个读取 PDF 的 Skill" | 初始化 → 需求analyze → 架构design → 实现 → securityreview → 打包 |\r
| "帮我写1个handle Excel 的Skill" | 同上,参考 xlsx skill design模式 |\r
| "需要1个新 Skill 来做 XX" | 需求analyze → confirmtrigger时机和permission |\r
\r
### 常见错误\r
\r
1. **跳过securityreview**:Phase 4 是强制门禁,不得跳过\r
2. **手动create目录**:必须使用 init_skill.py\r
3. **SKILL.md 过长**:超过 500 行 → 拆分到 references/\r
4. **description 过短**:\x3C 50 字 → trigger时机不明确,Skill 无法激活\r
5. **引入prohibit文件**:README.md/CHANGELOG.md → 删除\r
6. **硬编码密钥**:🚫 reject,必须用环境变量\r
\r
---\r
\r
## 参考文件\r
\r
- `references/design.md` — 需求analyze模板和架构design指南\r
- `references/security-review.md` — 详细 CISO securityreview清单\r
- `references/quality-gate.md` — quality gate检查表\r
- `references/publish-guide.md` — ClawHub publish指南\r
\r
---\r
\r
## 版本历史(Changelog)\r
\r
| 版本 | 日期 | Changes | 审核人 |\r
|------|------|---------|--------|\r
| **1.1.0** | 2026-04-13 | 新增 Agent 调用接口层(Inter-Agent Interface):6个 Task 类型(create/design-review/security-review/quality-gate/package/publish);CISO securityConstraint和security红线;与 ai-skill-maintainer / ai-skill-optimizer 接口关系Definition;CLO compliance登记节点;Day 3 预算概算 | CTO-001 / CISO-001 |\r
| **1.0.0** | 2026-04-11 | Initial version:CTO MLOops 6phase创作process + CISO STRIDE securityreviewstandard + G0-G7 quality gate | CTO-001 / CISO-001 |\r
\r
## rollbackstrategy(Rollback)\r
\r
> 如任何phase失败,execute以下操作recover:\r
\r
```bash\r
# recover到上1个 Git tag\r
git checkout tags/v\x3C上1版本> -- .\r
\r
# 或使用快照包(如果有)\r
clawhub restore ./dist/\x3Cskill-name>-v\x3CX.Y.Z>.skill\r
\r
# verifyrollback成功\r
git log --oneline -3\r
```\r
\r
**rollbacktrigger条件**:\r
- Phase 3(G2 securityreview)失败 → rollback到 Phase 2\r
- Phase 4(G3 quality gate)失败 → rollback到 Phase 3\r
- Phase 6(publish)失败 → rollback到 Phase 5\r
\r
**rollback后操作**:\r
1. recordrollback原因到 `references/creation-log.md`\r
2. notify CTO-001 和 CISO-001\r
3. analyze失败原因后重新进入创作process\r
Usage Guidance
This SKILL.md looks coherent for a skill-creation workflow, but before installing check: (1) what filesystem permissions the agent will get — it needs read/write to skill dirs and that is sensitive; (2) whether the platform enforces the described CISO authorization (CISO-001) and prevents auto-publish without human sign-off; (3) that sessions_spawn/sessions_send actually execute in strong isolation as claimed; (4) review any produced .skill artifacts before allowing publishing to external hubs; (5) if you plan to use it, test in an isolated environment first and restrict its agent role to the minimum permissions (L3/read-write only to a designated sandboxed skills directory). If any of these platform guarantees are missing, treat the skill with extra caution.
Capability Analysis
Type: OpenClaw Skill
Name: ai-skill-creator
Version: 1.1.0-en2
The skill bundle defines a structured MLOps workflow for creating, reviewing, and publishing other AI skills. It incorporates a 'CISO' persona and a 'Security Review' phase that explicitly prohibits malicious behaviors such as data exfiltration, credential theft, and path traversal. The instructions in SKILL.md are focused on enforcing security gates (STRIDE/CVSS) and quality standards, showing no evidence of malicious intent or prompt injection aimed at compromising the agent.
Capability Assessment
Purpose & Capability
Name/description match the SKILL.md: the document defines tasks (create, security-review, quality-gate, package, publish) and agent interfaces for skill creation and review. There are no unrelated required binaries, env vars, or installs.
Instruction Scope
SKILL.md contains detailed runtime instructions for inter-agent tasks, filesystem paths (skill-path), security checks (path traversal, trusted_base_dirs), packaging, and publishing. This is appropriate for a skill-creator but requires the agent to have read/write access to workspace/skills directories and to call/coordinate isolated sessions; the user should confirm those permissions and isolation guarantees before enabling the skill.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest disk footprint and no remote download/execution.
Credentials
No environment variables, credentials, or config paths are requested. References to authorizations like 'CISO-001' are logical/role identifiers in the instructions, not secrets. This is proportionate to the claimed purpose.
Persistence & Privilege
always:false and normal autonomous invocation. The skill's purpose (creating and publishing .skill packages) inherently requires write access to skills/ directories and the ability to invoke packaging/publish tasks; confirm that publishing cannot be performed without explicit human/CISO approval and that it cannot modify other skills or global agent configs outside its scope.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ai-skill-creator - After installation, invoke the skill by name or use
/ai-skill-creator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0-en2
Full body English translation
v1.1.0-en
English version
v1.1.0
v1.1.0: 新增Agent调用接口层,6个TASK类型,统一错误码体系,changelog和回滚策略
Metadata
Frequently Asked Questions
What is AI Skill Creator (EN)?
AI公司 Skill 创作工作流(CTO MLOps + CISO securitystandard版)。当需要从头create新 Skill(包括初始化目录结构、编写 SKILL.md、引用文件、脚本资源、securityreview、quality gate)时使用。trigger关键词:createSkil... It is an AI Agent Skill for Claude Code / OpenClaw, with 128 downloads so far.
How do I install AI Skill Creator (EN)?
Run "/install ai-skill-creator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is AI Skill Creator (EN) free?
Yes, AI Skill Creator (EN) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does AI Skill Creator (EN) support?
AI Skill Creator (EN) is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created AI Skill Creator (EN)?
It is built and maintained by JohnSmithfan (@johnsmithfan); the current version is v1.1.0-en2.
More Skills