← Back to Skills Marketplace
898
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install production-readiness
Description
Meta-skill that orchestrates logging, monitoring, error handling, performance, security, deployment, and testing skills to ensure a service is fully production-ready before launch. Use before first deploy, major releases, quarterly reviews, or after incidents.
Usage Guidance
This meta-skill itself is plausible and light-weight, but it works by reading and executing instructions from many other skills/agents. Before installing: 1) Verify provenance — prefer a published repo/homepage and a maintainer you trust; the package metadata here has no homepage and source is unknown. 2) Inspect every referenced skill/agent (logging-observability, security-review, docker-expert, testing-workflow, performance-agent, deployment-agent, etc.) — review their SKILL.md, README, and any code for required env vars, network endpoints, or install scripts. 3) Be cautious about credentials: do not provide AWS/ Vault/ database secrets or CI tokens unless you’ve reviewed the downstream skill that needs them. 4) If possible, run the orchestration in a sandbox or with the agent limited to user-invoked mode until you confirm behavior. 5) Treat any install commands that pull from arbitrary GitHub URLs or run npx against unknown packages as higher risk — prefer vetted sources or local inspection before installing. Reviewing the referenced skills is the critical step to assess actual risk.
Capability Analysis
Type: OpenClaw Skill
Name: production-readiness
Version: 1.0.0
The OpenClaw AgentSkills skill bundle for 'production-readiness' is benign. It functions as a meta-skill, orchestrating other skills and agents for a comprehensive readiness review. The `SKILL.md` contains instructions for the AI agent to delegate to and follow instructions from other skills, which is a core function of an orchestrator and not an attempt at prompt injection by this skill itself. Installation commands in `README.md` involve `npx add` from a GitHub URL, which is a standard, albeit supply-chain-dependent, method for skill installation, and the URL points to the skill itself. No evidence of data exfiltration, malicious execution, persistence, or obfuscation was found.
Capability Assessment
Purpose & Capability
Name/description describe an orchestration/meta-skill. The skill is instruction-only, requests no binaries, env vars, or config paths — which is proportionate for a coordinator that defers work to specialized skills.
Instruction Scope
Runtime instructions explicitly tell the agent to "read the target skill first, follow its instructions, then return results" for many named skills/agents. That is expected for a meta-skill, but it grants this skill an implicit ability to invoke arbitrary logic from those other skills. The SKILL.md does not constrain or validate what delegated skills may do (network calls, credential access, file reads/writes), so the effective runtime scope depends entirely on the referenced skills.
Install Mechanism
There is no install spec in the registry entry (instruction-only), which is low-risk. README contains example npx commands and a GitHub tree URL, but the skill's source/homepage are unknown; those install suggestions point to an external repo (unverified). Lack of provenance is a caution: follow-up installs could pull code from untrusted locations.
Credentials
This skill declares no required environment variables or credentials, which is appropriate. However, because it delegates to many other skills, those downstream skills may require credentials or secrets; the meta-skill does not enumerate or warn about them.
Persistence & Privilege
always:false and default model-invocation are benign. The skill does not request persistent presence or changes to other skills' configs. The main risk is that autonomous invocation will allow the agent to call delegated skills (normal behavior), increasing blast radius if those skills are untrusted.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install production-readiness - After installation, invoke the skill by name or use
/production-readiness - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the production-readiness meta-skill.
- Coordinates logging, monitoring, error handling, performance, security, deployment, and testing checks into a unified production readiness review.
- Delegates to specialized skills and agents for each operational concern; synthesizes a single go/no-go report.
- Provides detailed orchestration flow, checklist, and maturity model for evaluating service readiness.
- Designed for use before first deploy, major releases, quarterly reviews, after incidents, and during ownership transfers.
- Includes routing table for related skills and commands.
Metadata
Frequently Asked Questions
What is Production Readiness?
Meta-skill that orchestrates logging, monitoring, error handling, performance, security, deployment, and testing skills to ensure a service is fully production-ready before launch. Use before first deploy, major releases, quarterly reviews, or after incidents. It is an AI Agent Skill for Claude Code / OpenClaw, with 898 downloads so far.
How do I install Production Readiness?
Run "/install production-readiness" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Production Readiness free?
Yes, Production Readiness is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Production Readiness support?
Production Readiness is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Production Readiness?
It is built and maintained by wpank (@wpank); the current version is v1.0.0.
More Skills