← Back to Skills Marketplace
Execution Verifier
by
RichardSun
· GitHub ↗
· v1.1.0
466
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install execution-verifier
Description
Enforce real progress for long-running tasks by separating execution from reporting. Use when users complain that the agent is "saying it's working" without...
README (SKILL.md)
Execution Verifier
Use this skill to prevent fake progress.
Core policy
- Treat "no artifact change" as "no progress".
- Report only hard evidence: file changes, line deltas, commits, test outputs.
- If no evidence is detected in the time window, report blocker + immediate next action.
Minimal operating loop (30 min)
- Execute one concrete next action from OPEN_TASKS.
- Write artifacts (target files must change).
- Verify with
scripts/verify_progress.py. - Report in strict 3-line format.
Strict report format
- 已完成:
\x3Cfile path + concrete change> - 进行中:
\x3Ccurrent actionable step> - 下一步+ETA:
\x3Cnext step + time>
If verification fails, replace line 1 with: 本轮无新增(原因:\x3Cblocker>).
Verifier command
python3 skills/execution-verifier/scripts/verify_progress.py \
--project-dir projects/ai-human-co-production \
--status projects/ai-human-co-production/STATUS.md \
--open-tasks projects/ai-human-co-production/OPEN_TASKS.md \
--window-min 30
Closed-loop mode (verify → auto-execute → re-verify)
Use built-in script:
python3 skills/execution-verifier/scripts/verify_execute_verify.py \
--verify-cmd "python3 skills/execution-verifier/scripts/verify_progress.py --project-dir projects/ai-human-co-production --status projects/ai-human-co-production/STATUS.md --open-tasks projects/ai-human-co-production/OPEN_TASKS.md --window-min 30" \
--execute-cmd "openclaw cron run fc567f18-83fa-426c-8181-71a10f4568b3 --force"
Behavior:
- Step A: verify current progress
- Step B: if no progress, auto-trigger executor
- Step C: verify again
- Output JSON includes
before,triggered_execute,after
Cron pattern (recommended)
Use two jobs:
- Executor job (isolated agentTurn, every 30m): do real work + write files.
- Verifier job (main systemEvent, every 30m offset +5m): run closed-loop script above.
Never run report-only cron without verifier.
Usage Guidance
This skill appears to implement what it claims (detecting file/commit progress), but take precautions before using it: 1) Inspect and control any execute-cmd you pass to the closed-loop script — it will be executed via the shell and can run arbitrary commands. Avoid using closed-loop auto-execute until you trust the executor command. 2) Ensure git and any executor CLI (example: openclaw) are available and understood — add them to documentation/requirements. 3) Review OPEN_TASKS content to ensure backtick paths don't reference sensitive system files (the verifier will report file metadata for any referenced paths). 4) Prefer running the verifier in an isolated environment or with least privilege, and consider modifying the scripts to avoid shell=True or to sanitize/whitelist allowed executor commands. If the author confirms the missing declared dependencies (git/openclaw) and that execute-cmd will be restricted to safe, audited commands, the concerns become much smaller.
Capability Analysis
Type: OpenClaw Skill
Name: execution-verifier
Version: 1.1.0
The `scripts/verify_execute_verify.py` script is vulnerable to shell injection (RCE) because it uses `subprocess.run(cmd, shell=True)` where `cmd` is directly derived from command-line arguments (`--verify-cmd`, `--execute-cmd`) without proper sanitization. While the `SKILL.md` currently provides specific, seemingly benign `openclaw` commands, this design flaw allows for arbitrary command execution if an attacker can control these arguments, for instance, via prompt injection against the agent invoking the skill. There is no clear evidence of intentional malicious behavior like data exfiltration or backdoor installation in the provided files, but the critical vulnerability makes it suspicious.
Capability Assessment
Purpose & Capability
The name/description (verify real progress via file/commit checks) matches the included scripts' behavior. However the skill implicitly expects external CLIs (git, and the example uses an openclaw CLI) but the metadata declares no required binaries; that's an omission and a documentation mismatch.
Instruction Scope
The verifier reads the OPEN_TASKS file and extracts backtick-marked paths, then stats those files (mtime/size) and runs git to check commits — scope-appropriate. But the closed-loop uses an execute-cmd string run via subprocess with shell=True, meaning the skill can execute arbitrary system commands when it detects 'no progress'. Also backtick paths can point to absolute system files, causing the verifier to report metadata about arbitrary files. Both behaviors broaden scope beyond pure verification and can have surprising effects.
Install Mechanism
Instruction-only with no install spec — nothing is downloaded or written during install, which minimizes install-time risk.
Credentials
No environment variables or credentials are requested (good). But the skill uses git and expects an 'openclaw' executor in examples; those CLIs and any credentials they rely on are not declared. The closed-loop can invoke executors that may access secrets or network resources, so the lack of declared dependencies understates the required runtime privileges.
Persistence & Privilege
always is false (good). The skill can be invoked autonomously (platform default). The real risk is enabling closed-loop auto-execution: the verify_execute_verify script will trigger arbitrary execute-cmd commands automatically when progress is not detected, increasing operational privilege if used without restrictions.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install execution-verifier - After installation, invoke the skill by name or use
/execution-verifier - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Add closed-loop mode: verify -> auto-execute -> re-verify, with hard artifact/commit-based progress checks for stalled long-running tasks.
Metadata
Frequently Asked Questions
What is Execution Verifier?
Enforce real progress for long-running tasks by separating execution from reporting. Use when users complain that the agent is "saying it's working" without... It is an AI Agent Skill for Claude Code / OpenClaw, with 466 downloads so far.
How do I install Execution Verifier?
Run "/install execution-verifier" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Execution Verifier free?
Yes, Execution Verifier is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Execution Verifier support?
Execution Verifier is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Execution Verifier?
It is built and maintained by RichardSun (@richardsun700); the current version is v1.1.0.
More Skills