← Back to Skills Marketplace

Doctorbot Ci Validator

Name: Doctorbot Ci Validator
Author: bamontejano

by bamontejano · GitHub ↗ · v0.1.0

cross-platform ⚠ suspicious

794

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install skill-doctorbot-ci-validator

Description

Stop failing in production. Validate your GitHub Actions, GitLab CI & Keep workflows offline with surgical precision. Born from Keep bounty research, perfected for agents.

Usage Guidance

Do not install or run this skill as-is. The SKILL.md expects local Python scripts (scripts/validate_keep.py and scripts/validate_yaml.py) but the published package contains no code or install spec; it's therefore incomplete and ambiguous. Before proceeding, ask the publisher or maintainer for: (1) the actual code or a proper install spec that fetches it, (2) an explicit list of required binaries and Python packages, and (3) a README or source tarball you can inspect. If you must test it, fetch the GitHub homepage referenced in the skill, inspect the repository contents and scripts for network calls or credential use, and run any unknown scripts in an isolated sandbox/container with no access to secrets or production repositories.

Capability Analysis

Type: OpenClaw Skill Name: skill-doctorbot-ci-validator Version: 0.1.0 The provided `_meta.json` and `SKILL.md` files describe a skill for validating CI/CD workflow files. The `SKILL.md` outlines the skill's purpose, features, and usage, which involves executing local Python scripts (`scripts/validate_keep.py`, `scripts/validate_yaml.py`) with user-provided file paths. There is no evidence of prompt injection attempts against the agent, direct malicious commands, data exfiltration, or other harmful behaviors within the analyzed content. The instructions are straightforward and align with the stated, legitimate purpose of CI/CD validation. The actual Python scripts are not provided, so their content cannot be analyzed for vulnerabilities or malicious code, but the instructions themselves are benign.

Capability Assessment

⚠ Purpose & Capability

The skill claims to perform offline CI workflow validation (Keep, GitHub Actions, GitLab), and the instructions reference concrete Python scripts (scripts/validate_keep.py, scripts/validate_yaml.py). However, the published package contains no code files and no install specification to provide those scripts. That makes the declared capability unattainable from this bundle and therefore incoherent.

⚠ Instruction Scope

Runtime instructions tell the agent to run python3 scripts against repository files and directories. Reading repo workflow files is consistent with a validator, but because the scripts aren't included, the instructions effectively instruct the agent to run arbitrary code that isn't present. The instructions do not request network exfiltration or unrelated system access, but they assume the presence of local scripts and Python that are not declared.

⚠ Install Mechanism

There is no install specification in the bundle even though SKILL.md documents an installation command (openclaw install doctorbot-ci-validator) and describes Python scripts. Without an install spec or bundled code, it's unclear how the referenced scripts would be provided. Lack of an install mechanism is lower direct risk but increases ambiguity about where executable code would come from.

⚠ Credentials

The skill declares no required binaries or environment variables, yet the instructions explicitly call python3 and expect to run validation scripts (which likely need libraries such as PyYAML or custom dependencies). This mismatch—no declared runtime requirements while requiring Python execution—is disproportionate and unexplained.

✓ Persistence & Privilege

The skill does not request elevated persistence: always is false, and there are no required config paths or credentials. disable-model-invocation is false (normal). There is no evidence the skill tries to modify other skills or request system-wide configuration.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install skill-doctorbot-ci-validator
After installation, invoke the skill by name or use /skill-doctorbot-ci-validator
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.0

- Initial release of doctorbot-ci-validator. - Provides offline, deterministic validation for CI/CD workflow files (GitHub Actions, GitLab CI, Keep, and more). - Supports both full-featured workflow logic validation and fast YAML syntax checks. - No environment dependencies—no live databases or networks required. - Includes command-line scripts for file and directory validation. - Suitable for pre-commit hooks, CI/CD pipelines, and agent-based code generation.

Metadata

Slug skill-doctorbot-ci-validator

Version 0.1.0

License —

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is Doctorbot Ci Validator?

Stop failing in production. Validate your GitHub Actions, GitLab CI & Keep workflows offline with surgical precision. Born from Keep bounty research, perfected for agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 794 downloads so far.

How do I install Doctorbot Ci Validator?

Run "/install skill-doctorbot-ci-validator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Doctorbot Ci Validator free?

Yes, Doctorbot Ci Validator is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Doctorbot Ci Validator support?

Doctorbot Ci Validator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Doctorbot Ci Validator?

It is built and maintained by bamontejano (@bamontejano); the current version is v0.1.0.

More Skills