openclaw-engineering-harness

Manages the full engineering workflow by clarifying requests, discovering code, making minimal changes, validating, and preparing publish-ready artifacts.

This skill appears to do what it says: inspect a codebase, make minimal changes, run constraint/audit checks, and prepare exports. Important points before you install or run it: - It will read and may update .claude/MEMORY.md and other .claude memory-topic files — review that directory for sensitive content first. - The skill is permitted to run git commands (checkout, reset, add, commit). Ensure your working tree is backed up or committed and that you trust automated commits before allowing the skill to write/commit. - The scripts perform local audits to block host paths and network literals on export; they do not contain outbound network calls or require credentials. - If you want tighter control, run the skill in a sandbox or restrict it to read-only mode initially (deny Write/Edit/Bash commit tools) until you are satisfied with its behavior. - Review scripts/runtime_support.py and the run_*.py scripts (they're included) if you want to confirm specific behaviors; the package is self-contained and uses only standard library modules.

Type: OpenClaw Skill Name: openclaw-engineering-harness Version: 1.0.0 The bundle defines a structured engineering workflow for an AI agent, focusing on task clarification, minimal code changes, and rigorous validation. It includes defensive utility scripts like `run_audit.py` and `run_constraints.py` (supported by `runtime_support.py`) which are designed to prevent data leakage by auditing export directories for sensitive path signatures or network literals defined in `export-audit-policy.json`. While the skill permits powerful tools such as `Bash(python3:*)` and `Edit`, these capabilities are strictly aligned with the stated purpose of an engineering harness and are governed by 'Engineering Iron Laws' in `SKILL.md` that mandate validation and prohibit unauthorized refactoring.