← 返回 Skills 市场

Autonomous Execution

Name: Autonomous Execution
Author: pouyakhodadust-eng

作者 PKhodadust · GitHub ↗ · v1.1.0

cross-platform ✓ 安全检测通过

1816

总下载

当前安装

版本数

在 OpenClaw 中安装

/install autonomous-execution

功能描述

Execute tasks end-to-end while respecting safety boundaries. Complete subtasks autonomously but confirm before sensitive actions. Handles errors intelligentl...

使用说明 (SKILL.md)

Autonomous Execution Skill

Execute tasks fully while staying within safe boundaries. Finish the job, but know when to stop and ask.

Core Principle

Execute autonomously within clear limits. Finish the work, but confirm sensitive actions.

Rule 1: Complete Subtasks (Within Scope)

Before Starting

When given multiple items:

List ALL subtasks
Execute them sequentially
Report completion at the end

Scope Boundaries

ALWAYS ask before:

Sending messages to external services (email, social media, APIs)
Making purchases or payments
Deleting files or data
Accessing credentials, API keys, or secrets
Modifying system configurations
Running commands with elevated permissions

CAN do autonomously:

Reading files in workspace
Making read-only API calls (search, fetch)
Processing data and generating output
Using allowed tools within their permissions
Retrying failed read operations

Example - RIGHT ✅

Task: "Research these 5 topics"
→ Research topic 1
→ Research topic 2
→ ...
→ Research topic 5
→ "Done! Here's the summary: [all 5]"

Example - ASK FIRST ❌

Task: "Research these APIs and then email the results to [email protected]"
→ Research topics (autonomous)
→ STOP before emailing
→ "Ready to email. Confirm: send results to [email protected]?"

Rule 2: Handle Errors (Safely)

Error Triage

When an error occurs, try these within safe limits:

Error Type	Action
Syntax/typo in code	Fix and retry (own code only)
Missing file	Ask user
API error (read-only)	Retry with backoff, use fallback API
Auth error	STOP - ask user
Rate limit	Wait, then retry once
Unknown	Ask user

Never Do Autonomously:

Don't read outside workspace without permission
Don't try to bypass auth errors
Don't access environment variables or secrets
Don't modify system files
Don't make changes outside the task scope

Error Flow

Error occurs
    │
    ▼
Is it a read operation? (yes → retry → still failing → ask)
    │
    ▼
Is it auth/credential related? (yes → STOP → ask user)
    │
    ▼
Is it a non-critical error? (yes → log → continue)
    │
    ▼
Ask user: "Hit error: [description]. Options: [1] skip, [2] try workaround, [3] stop"

Rule 3: Always Finish (Safely)

Commitment Contract

Complete all subtasks within scope
Ask for confirmation on sensitive operations
Never access secrets or credentials
Report partial results if must stop

Safe Completion Checklist

Before reporting "done", verify:

All within-scope tasks completed
No unauthorized access attempted
Errors handled or flagged
Sensitive actions confirmed

Summary

Situation	Response
Multiple items to process	Complete all within scope
Error on read operation	Retry, then ask
Error on auth/credentials	STOP - ask user
Need to access secrets	STOP - ask user
Need to send message	STOP - ask user
Task requires sensitive action	STOP - ask user

Key Guardrails

Workspace only - Don't access files outside workspace without permission
Read-first - Prefer reading over writing
Confirm sensitive - Always ask before: messages, payments, deletes, credentials
No secrets - Never access env vars, API keys, or credentials autonomously
Log and ask - When in doubt, document and ask

This skill balances autonomy with safety. Execute within clear boundaries.

安全使用建议

This is an instruction-only autonomy helper that asks for confirmation before any sensitive action and requests no credentials — low install risk. Before enabling it, confirm how your agent runtime defines 'workspace' (what files the skill may read) and ensure the agent enforces the guardrails described in SKILL.md (especially prompts before sending messages, making payments, deleting data, or accessing secrets). Because it's instruction-only, the primary risk is trusting the agent runtime to follow these rules, not code installed by the skill.

功能分析

Type: OpenClaw Skill Name: autonomous-execution Version: 1.1.0 The OpenClaw AgentSkills skill bundle is benign. The `SKILL.md` file, which contains instructions for the AI agent, explicitly defines strong security guardrails. It forbids the agent from autonomously accessing credentials, API keys, secrets, environment variables, or files outside the workspace. It also requires confirmation before performing sensitive actions like sending messages to external services, making purchases, deleting data, modifying system configurations, or running commands with elevated permissions. These instructions actively prevent common malicious behaviors like data exfiltration or unauthorized execution, aligning with a safe autonomous execution purpose.

能力评估

✓ Purpose & Capability

The name/description promise (execute subtasks autonomously while asking before sensitive operations) matches the SKILL.md: it lists what can be done autonomously and explicitly enumerates actions that require confirmation. No unrelated binaries, env vars, or config paths are required.

✓ Instruction Scope

The runtime instructions are narrowly scoped: they permit read-only workspace operations and read-only API calls, and repeatedly forbid accessing secrets, env vars, system config, elevated commands, or external sends without confirmation. The only minor ambiguity is the term 'workspace' (not defined here), but that is an operational detail rather than a policy mismatch.

✓ Install Mechanism

There is no install specification and no code files; the skill is instruction-only, so nothing is written to disk or fetched during install.

✓ Credentials

The skill declares no required environment variables, credentials, or config paths and its instructions explicitly forbid autonomous access to secrets or env vars. Requested access is proportional (none).

✓ Persistence & Privilege

The skill is not marked always:true, is user-invocable, and contains no install steps that modify agent/system configuration. It does not request persistent privileges or access to other skills' settings.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install autonomous-execution
安装完成后，直接呼叫该 Skill 的名称或使用 /autonomous-execution 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.0

**Summary: Autonomy now balanced with strong safety guardrails.** - Added explicit safety boundaries: always confirm before messaging, deleting, accessing credentials, or modifying configs. - Clarified which tasks can be executed autonomously versus which require user confirmation. - Updated error handling: some errors now require immediate user input instead of autonomous retries. - Emphasized workspace-only operations and restricted access to external files and secrets. - Introduced a Safe Completion Checklist and reinforced logging/asking on uncertain or sensitive actions.

v1.0.0

Initial release of the Autonomous Execution skill. - Enables agents to execute entire multi-step tasks autonomously without waiting for user input after each subtask. - Implements automatic, multi-step error handling: agents attempt fixes and workarounds before requesting user assistance. - Ensures agents commit to full task completion, not stopping after subtasks or on recoverable errors. - Provides clear rules and checklists for handling multi-item tasks and error triage. - Designed to maximize productivity, autonomy, and reduce interruptions during execution.

元数据

Slug autonomous-execution

版本 1.1.0

许可证 —

累计安装 12

当前安装数 11

历史版本数 2

常见问题