← Back to Skills Marketplace
Task Auditor
by
zenmejiang-commits
· GitHub ↗
· v1.0.0
288
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install task-auditor
Description
独立第三方审计auto-iterator任务质量,按执行日志、迭代次数、报告质量等指标评分防止偷懒并自动警报。
Usage Guidance
This skill appears to implement an honest task-auditing script, but you should not install it blind. Before using: 1) Confirm and/or change the TASKS_DIR and MEMORY_DIR to a safe, non-root workspace and ensure the agent will have appropriate but not excessive write permissions. 2) Resolve the threshold mismatch (SKILL.md/skill.json vs audit.sh) so behavior matches expectations. 3) Inspect audit.sh locally to confirm it matches your policy (it writes reports and alerts as markdown files). 4) Run the script in a sandbox or with a test task to verify file paths, side effects, and that no sensitive files are read. If the author can document why /root is required or make paths configurable, this would reduce the concern and could become benign.
Capability Analysis
Type: OpenClaw Skill
Name: task-auditor
Version: 1.0.0
The 'task-auditor' skill is a utility designed to evaluate the quality of tasks performed by other agents using quantitative metrics like log length and iteration counts. The core logic in 'audit.sh' performs standard file system operations within the local workspace to generate reports and alerts, with no evidence of data exfiltration, malicious execution, or harmful prompt injection.
Capability Assessment
Purpose & Capability
The skill claims to be an independent task auditor and includes a shell script that performs log/report checks — that matches the stated purpose. However the runtime script hardcodes filesystem paths under /root/.openclaw/workspace (TASKS_DIR and MEMORY_DIR) while the skill metadata declares no required config paths or environment. The script writes audit and alert files into those locations; that filesystem access was not declared in the registry metadata and may require elevated permissions or an expected workspace layout.
Instruction Scope
SKILL.md describes reasonable audit checks and the included audit.sh implements them (log lines, iterations, report size, keywords, timestamps). It does not call external endpoints or exfiltrate data. Minor scope issues: SKILL.md claims '时间戳不可伪造' (timestamps cannot be forged) but the script performs only simple grep checks and does not implement tamper-proofing; SKILL.md and script disagree about the passing thresholds (SKILL.md/skill.json treat ≥80 as excellent, but audit.sh treats ≥90 as the cutoff for 'excellent' and considers <90 a failure).
Install Mechanism
There is no install spec (instruction-only), which is lower risk. However the package includes executable code (audit.sh) that will be run — so although nothing is downloaded at install time, the skill will perform filesystem writes when executed. That distinction is important: no install-time network risk, but runtime writes occur.
Credentials
The skill declares no required credentials or environment variables, and the script does not read secrets. Still, it assumes specific writable directories under /root/.openclaw/workspace/tasks and /root/.openclaw/workspace/memory. Requiring write access to /root paths is disproportionate for many environments and should be documented or made configurable. No explicit justification for using root-level paths is provided.
Persistence & Privilege
The skill is not marked always:true and does not request autonomous elevation. It writes its own audit and alert files in the workspace but does not modify other skills or system-wide configuration. Runtime file writes are normal for an auditor but should be constrained to a documented, configurable workspace.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install task-auditor - After installation, invoke the skill by name or use
/task-auditor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Task Auditor 1.0.0 – Initial Release
- Introduces an independent third-party audit system for auto-iterator tasks to prevent low-effort submissions.
- Implements a comprehensive scoring and rating system based on quantifiable criteria (logs, iterations, report length, timestamps, and substance).
- Adds automatic reporting, warning, and archival workflows for task quality.
- Ensures separation between executor and auditor roles, with transparent and traceable logs.
- Supports automatic alerts and random checks for continuous quality assurance.
Metadata
Frequently Asked Questions
What is Task Auditor?
独立第三方审计auto-iterator任务质量,按执行日志、迭代次数、报告质量等指标评分防止偷懒并自动警报。 It is an AI Agent Skill for Claude Code / OpenClaw, with 288 downloads so far.
How do I install Task Auditor?
Run "/install task-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Task Auditor free?
Yes, Task Auditor is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Task Auditor support?
Task Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Task Auditor?
It is built and maintained by zenmejiang-commits (@zenmejiang-commits); the current version is v1.0.0.
More Skills