richardsun700

Execution Verifier

Author: RichardSun · GitHub · v1.1.0
cross-platform ⚠ suspicious
Total downloads: 466
Favorites: 0
Current installs: 3
Versions: 1
Install in OpenClaw
/install execution-verifier
Description
Enforce real progress for long-running tasks by separating execution from reporting. Use when users complain that the agent is "saying it's working" without...
Usage (SKILL.md)

Execution Verifier

Use this skill to prevent fake progress.

Core policy

  • Treat "no artifact change" as "no progress".
  • Report only hard evidence: file changes, line deltas, commits, test outputs.
  • If no evidence is detected in the time window, report blocker + immediate next action.

Minimal operating loop (30 min)

  1. Execute one concrete next action from OPEN_TASKS.
  2. Write artifacts (target files must change).
  3. Verify with scripts/verify_progress.py.
  4. Report in strict 3-line format.

Strict report format

  1. 已完成:<file path + concrete change>
  2. 进行中:<current actionable step>
  3. 下一步+ETA:<next step + time>

If verification fails, replace line 1 with: 本轮无新增(原因:<blocker>).

Verifier command

python3 skills/execution-verifier/scripts/verify_progress.py \
  --project-dir projects/ai-human-co-production \
  --status projects/ai-human-co-production/STATUS.md \
  --open-tasks projects/ai-human-co-production/OPEN_TASKS.md \
  --window-min 30

Closed-loop mode (verify → auto-execute → re-verify)

Use built-in script:

python3 skills/execution-verifier/scripts/verify_execute_verify.py \
  --verify-cmd "python3 skills/execution-verifier/scripts/verify_progress.py --project-dir projects/ai-human-co-production --status projects/ai-human-co-production/STATUS.md --open-tasks projects/ai-human-co-production/OPEN_TASKS.md --window-min 30" \
  --execute-cmd "openclaw cron run fc567f18-83fa-426c-8181-71a10f4568b3 --force"

Behavior:

  • Step A: verify current progress
  • Step B: if no progress, auto-trigger executor
  • Step C: verify again
  • Output JSON includes before, triggered_execute, after

Cron pattern (recommended)

Use two jobs:

  • Executor job (isolated agentTurn, every 30m): do real work + write files.
  • Verifier job (main systemEvent, every 30m offset +5m): run closed-loop script above.

Never run report-only cron without verifier.

Security usage recommendations
This skill appears to implement what it claims (detecting file/commit progress), but take precautions before using it:

  1. Inspect and control any execute-cmd you pass to the closed-loop script: it will be executed via the shell and can run arbitrary commands. Avoid using closed-loop auto-execute until you trust the executor command.
  2. Ensure git and any executor CLI (example: openclaw) are available and understood; add them to documentation/requirements.
  3. Review OPEN_TASKS content to ensure backtick paths don't reference sensitive system files (the verifier will report file metadata for any referenced paths).
  4. Prefer running the verifier in an isolated environment or with least privilege, and consider modifying the scripts to avoid shell=True or to sanitize/whitelist allowed executor commands.

If the author confirms the missing declared dependencies (git/openclaw) and that execute-cmd will be restricted to safe, audited commands, the concerns become much smaller.
Functional analysis
Type: OpenClaw Skill
Name: execution-verifier
Version: 1.1.0

The `scripts/verify_execute_verify.py` script is vulnerable to shell injection (RCE) because it uses `subprocess.run(cmd, shell=True)` where `cmd` is directly derived from command-line arguments (`--verify-cmd`, `--execute-cmd`) without proper sanitization. While the `SKILL.md` currently provides specific, seemingly benign `openclaw` commands, this design flaw allows for arbitrary command execution if an attacker can control these arguments, for instance, via prompt injection against the agent invoking the skill. There is no clear evidence of intentional malicious behavior like data exfiltration or backdoor installation in the provided files, but the critical vulnerability makes it suspicious.
Capability assessment
Purpose & Capability
The name/description (verify real progress via file/commit checks) matches the included scripts' behavior. However the skill implicitly expects external CLIs (git, and the example uses an openclaw CLI) but the metadata declares no required binaries; that's an omission and a documentation mismatch.
Instruction Scope
The verifier reads the OPEN_TASKS file and extracts backtick-marked paths, then stats those files (mtime/size) and runs git to check commits — scope-appropriate. But the closed-loop uses an execute-cmd string run via subprocess with shell=True, meaning the skill can execute arbitrary system commands when it detects 'no progress'. Also backtick paths can point to absolute system files, causing the verifier to report metadata about arbitrary files. Both behaviors broaden scope beyond pure verification and can have surprising effects.
Install Mechanism
Instruction-only with no install spec — nothing is downloaded or written during install, which minimizes install-time risk.
Credentials
No environment variables or credentials are requested (good). But the skill uses git and expects an 'openclaw' executor in examples; those CLIs and any credentials they rely on are not declared. The closed-loop can invoke executors that may access secrets or network resources, so the lack of declared dependencies understates the required runtime privileges.
Persistence & Privilege
always is false (good). The skill can be invoked autonomously (platform default). The real risk is enabling closed-loop auto-execution: the verify_execute_verify script will trigger arbitrary execute-cmd commands automatically when progress is not detected, increasing operational privilege if used without restrictions.
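The hardening suggested in the recommendations above (no shell=True, allowlisted executor commands, task paths confined to the project), as an added example that is not the skill's own code. The function names, the allowlisted prefixes and the convention that the verifier exits 0 on progress are assumptions.

```python
import re
import shlex
import subprocess
from pathlib import Path

# Assumption: argv prefixes the operator has audited, taken from the page's two example commands.
# Bare program names still resolve through PATH, so PATH must be trusted too.
ALLOWED_PREFIXES = [
    ("openclaw", "cron", "run"),
    ("python3", "skills/execution-verifier/scripts/verify_progress.py"),
]


def to_argv(cmd: str) -> list[str]:
    """Split a command string into argv; refuse anything outside the allowlist."""
    argv = shlex.split(cmd)
    if not any(tuple(argv[:len(p)]) == p for p in ALLOWED_PREFIXES):
        raise ValueError(f"command not allowlisted: {cmd!r}")
    return argv


def run(argv: list[str], timeout: int = 600) -> subprocess.CompletedProcess:
    # A list with the default shell=False: ';', '|' and '$()' stay literal arguments.
    return subprocess.run(argv, capture_output=True, text=True, timeout=timeout)


def closed_loop(verify_cmd: str, execute_cmd: str) -> dict:
    """Verify, execute only when no progress was found, then verify again.
    Assumption: the verifier exits 0 when it found progress."""
    verify, execute = to_argv(verify_cmd), to_argv(execute_cmd)
    before = run(verify).returncode == 0
    triggered = not before
    if triggered:
        run(execute)
    after = run(verify).returncode == 0 if triggered else before
    return {"before": before, "triggered_execute": triggered, "after": after}


def confined_paths(open_tasks_text: str, project_dir: Path) -> list[Path]:
    """Backtick-marked paths from OPEN_TASKS, keeping only those under project_dir."""
    root = project_dir.resolve()
    kept = []
    for raw in re.findall(r"`([^`\n]+)`", open_tasks_text):
        candidate = (root / raw).resolve()  # an absolute or ../ path leaves root here
        if candidate.is_relative_to(root):
            kept.append(candidate)
    return kept
```

Both command strings are validated before anything runs, so a rejected execute-cmd stops the loop before the first verify.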
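How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the dialog: /install execution-verifier
  3. Once installation completes, call the Skill by name or trigger it with /execution-verifier
  4. Provide the required inputs according to the Skill's parameter description to get structured output.
Version history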
v1.1.0
Add closed-loop mode: verify -> auto-execute -> re-verify, with hard artifact/commit-based progress checks for stalled long-running tasks.
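Metadata
Slug: execution-verifier
Version: 1.1.0
License
Total installs: 3
Current installs: 3
Historical versions: 1
FAQ

What is Execution Verifier?

Enforce real progress for long-running tasks by separating execution from reporting. Use when users complain that the agent is "saying it's working" without... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 466 total downloads to date.

How do I install Execution Verifier?

Run the command "/install execution-verifier" in the OpenClaw or Claude Code dialog to install it in one step; no additional configuration is needed.

Is Execution Verifier free?

Yes, Execution Verifier is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Execution Verifier support?

Execution Verifier runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Execution Verifier?

It is developed and maintained by RichardSun (@richardsun700); the current version is v1.1.0.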
