
Forge 🔨 Repair-Inspect Loop

Author: melody1015 · GitHub · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 409 · Favorites: 0 · Current installs: 0 · Versions: 1

Install in OpenClaw
/install forge-loop

Description
Forge 🔨 — Repair-Inspect loop orchestrator. Automated code repair with independent inspection, dependency-aware parallel execution, protected file guardrail...
Usage (SKILL.md)

Forge 🔨 — Automated Repair-Inspect Loop

Automated repair-inspect loop with state persistence, dependency analysis, and safety guardrails.

When to Use

  • Multiple repair tasks from review board / audit / user instructions
  • Need independent verification (not just "looks fixed")
  • Want protected file safety + auto-commit on PASS

Quick Start

cd /path/to/project

# 1. Initialize
python3 ~/clawd/skills/forge/scripts/forge.py init

# 2. Add tasks
python3 forge.py add "修复空值处理" --criteria "空输入不崩溃" --priority P0
python3 forge.py add "清理废弃代码" --criteria "无import报错" --depends task-001

# 3. See execution plan
python3 forge.py plan

# 4. Run (outputs spawn instructions)
python3 forge.py run

# 5. Execute spawns, then run again to check results
python3 forge.py run   # checks results, auto-loops on FAIL

# 6. When all done
python3 forge.py summary

CLI Reference

Command                                                         Description
init --workdir DIR                                              Initialize forge session
add "desc" --criteria "..." --depends task-001 --priority P0    Add repair task
plan                                                            Show dependency graph + parallel execution waves
run                                                             Advance state machine (spawn or check results)
status                                                          Show current progress
check                                                           Pre-commit safety check (protected files, deletions)
summary                                                         Generate completion report
reset                                                           Clear state

How It Works

State Machine (per task)

pending → repairing → inspecting → done
                ↑          │
                └── fail ──┘   (auto-loop, max 5 rounds)

inspecting → needs_human  (pause, escalate)
inspecting → escalated    (>5 rounds)
repairing  → needs_human  (all BLOCKED)

Dependency-Aware Parallel Execution

Tasks without dependencies run in parallel. forge.py plan shows execution waves:

Wave 1: task-001, task-002, task-003  (并行)
Wave 2: task-004 ← task-001          (等task-001完成)

Safety Guardrails (3 layers)

  1. Protected files: protected-files.txt in project root. Listed files cannot be modified by repair agents. Touching them → BLOCKED → NEEDS_HUMAN.
  2. Pre-commit diff check: forge.py check detects file deletions, protected file modifications, abnormally large changes.
  3. Prompt constraints: Repair engineer prompt explicitly forbids deletions, protected files, cron changes.
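
The layer 2 diff check, as an added example (not Forge's own code): it reads the text of `git diff --cached --name-status` and `--numstat` and reports deletions, protected-file changes and oversized changes. The one-pattern-per-line format for protected-files.txt, the 400-line threshold and the function names are assumptions.

```python
# Added example, not Forge's code. Assumes protected-files.txt holds one path
# or glob per line and that more than 400 changed lines is "abnormally large".
from fnmatch import fnmatchcase

MAX_CHANGED_LINES = 400  # assumed threshold

def load_protected(text):
    """Parse protected-files.txt content, skipping blanks and '#' comments."""
    lines = (ln.strip() for ln in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]

def check_diff(name_status, numstat, protected, max_lines=MAX_CHANGED_LINES):
    """Return (rule, path) violations from `git diff --cached` output.

    name_status is the text of --name-status, numstat the text of --numstat.
    """
    violations = []
    for line in filter(None, name_status.splitlines()):
        status, *paths = line.split("\t")
        if status.startswith("D"):
            violations.append(("deletion", paths[0]))
        # A rename or copy lists the old and the new path; check both.
        for path in paths:
            if any(fnmatchcase(path, pat) for pat in protected):
                violations.append(("protected", path))
    for line in filter(None, numstat.splitlines()):
        added, removed, path = line.split("\t", 2)
        if added == "-":  # binary files are reported as "-<TAB>-"
            continue
        if int(added) + int(removed) > max_lines:
            violations.append(("large_change", path))
    return violations

# Constructed sample input, not captured from a real repository.
SAMPLE_PROTECTED = "# deployment and secrets\ndeploy/*.sh\n.env\n"
SAMPLE_NAME_STATUS = ("M\tsrc/processor.py\nD\tsrc/legacy.py\n"
                      "R100\tscripts/run.sh\tdeploy/run.sh\nM\t.env\n")
SAMPLE_NUMSTAT = ("12\t3\tsrc/processor.py\n0\t950\tsrc/legacy.py\n"
                  "-\t-\tassets/logo.png\n1\t1\t.env\n")

if __name__ == "__main__":
    rules = load_protected(SAMPLE_PROTECTED)
    for rule, path in check_diff(SAMPLE_NAME_STATUS, SAMPLE_NUMSTAT, rules):
        print(f"BLOCKED {rule}: {path}")
```

Checking both sides of a rename matters here: moving a file into a protected path would otherwise pass a check that only looks at modified paths.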

Experience Accumulation

Each repair produces a repair_pattern with error classification and reusable solution templates. These are stored in forge-reflections.jsonl and the most recent 5 patterns are injected into future repair tasks as context.

Integration with AI Agents

When the agent receives repair tasks (from code review, audit, or user):

# 1. Init forge in project dir
exec("cd /path/to/project && python3 ~/clawd/skills/forge/scripts/forge.py init")

# 2. Add tasks
exec("python3 forge.py add 'Fix null handling in processor' --criteria 'No crash on empty input' --priority P0")

# 3. Run to get spawn instructions
exec("python3 forge.py run")
# → Script outputs spawn instructions

# 4. Execute spawns
sessions_spawn(task=read(task_file), label=label, model=model)

# 5. After spawn completes, run again
exec("python3 forge.py run")
# → Checks repair result → prepares inspector spawn
# → Or auto-loops on FAIL → prepares next repair spawn

# 6. On all PASS → git commit + notify

File Layout

forge/
├── SKILL.md                           # This file
├── scripts/
│   └── forge.py                       # Core orchestrator
├── references/
│   └── protocol.md                    # Full protocol documentation
└── assets/
    └── templates/
        ├── repair-engineer.md         # Repair agent role reference
        └── inspector.md              # Inspector role reference

Project-side files (created by forge)

project/
├── forge-state.json                   # State persistence (crash recovery)
├── forge-reflections.jsonl            # Project-specific experience (stays with project)
├── forge-output/                      # Task files and results
│   ├── task-001-repair-r1.task.md     # Repair spawn task
│   ├── task-001-repair-r1.json        # Repair result
│   ├── task-001-inspect-r1.task.md    # Inspect spawn task
│   └── task-001-inspect-r1.json       # Inspect result
└── protected-files.txt                # (optional) Protected file list

Experience: Two-Layer Architecture

forge/reflections/patterns.jsonl       # Universal patterns (cross-project, stays with skill)
project/forge-reflections.jsonl        # Project-specific patterns (stays with project)
  • Universal layer (forge/reflections/patterns.jsonl): Abstract lessons stripped of file paths and project context. Auto-extracted from project patterns after each repair. Deduped by pattern_name. Injected into ALL future repairs across any project.
  • Project layer ({project}/forge-reflections.jsonl): Full detail with file names, paths, project-specific context. Only injected when working on that project.
  • Auto-extraction: After each repair, extract_universal_pattern() checks if the pattern is generalizable (not too many project-specific paths). If so, it's added to the universal layer with dedup.
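
One stricter form of the auto-extraction gate, as an added example rather than Forge's extract_universal_pattern(): copy only allowlisted fields into the universal layer and reject any pattern whose text contains a path, file name or credential-like token. Every field name except pattern_name is hypothetical, as are the function names and the regexes.

```python
# Added example, not Forge's code. Field names other than pattern_name are
# hypothetical; the page does not document the repair_pattern schema.
import json
import re

KEEP_FIELDS = ("pattern_name", "error_class", "solution_template")
# Anything that looks like a path or a file name ties the lesson to a project.
PATH_RE = re.compile(
    r"[\w.-]+[/\\][\w.-]+|\b[\w-]+\.(?:py|js|ts|json|ya?ml|env|sh)\b")
# Credential-style assignments, or long unbroken tokens such as keys and hashes.
SECRET_RE = re.compile(
    r"(?i)\b(?:api[_-]?key|secret|token|passw(?:or)?d)\s*[:=]"
    r"|[A-Za-z0-9+/=_-]{32,}")

def to_universal(pattern):
    """Return an allowlisted copy fit for the cross-project layer, else None."""
    slim = {k: pattern[k] for k in KEEP_FIELDS
            if isinstance(pattern.get(k), str)}
    if "pattern_name" not in slim:
        return None
    for value in slim.values():
        # Reject instead of redacting: a half-redacted lesson still leaks context.
        if PATH_RE.search(value) or SECRET_RE.search(value):
            return None
    return slim

def merge_universal(existing_jsonl, candidates):
    """Return new JSONL lines to append, deduplicated by pattern_name."""
    seen = {json.loads(ln)["pattern_name"]
            for ln in existing_jsonl.splitlines() if ln.strip()}
    new_lines = []
    for pattern in candidates:
        slim = to_universal(pattern)
        if slim and slim["pattern_name"] not in seen:
            seen.add(slim["pattern_name"])
            new_lines.append(json.dumps(slim, sort_keys=True))
    return new_lines

# Constructed samples.
EXISTING = '{"pattern_name": "guard-none-input"}\n'
CANDIDATES = [
    {"pattern_name": "guard-none-input", "solution_template": "Check for None first."},
    {"pattern_name": "close-file-handles", "error_class": "resource-leak",
     "solution_template": "Open files in a context manager.",
     "files": ["src/billing/export.py"]},
    {"pattern_name": "fix-export", "solution_template": "Edit src/billing/export.py"},
    {"pattern_name": "rotate-key", "solution_template": "Set API_KEY=placeholder-value"},
]
```

The path regex fails closed, so harmless text such as "and/or" is also rejected; that pattern then stays in the project layer only.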

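Doc-Sync Check

When Forge wraps up, it automatically checks whether the code files it modified have associated documentation that needs to be updated in sync.

How it works

  1. First, run scripts/tools/doc-sync-checker.py --json (if it exists)
  2. Otherwise, fall back to references/doc-sync-manifest.yaml: cross-check the files Forge modified against the authority→consumer mappings in the manifest

Project configuration

Create references/doc-sync-manifest.yaml in the project: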

facts:
  api_config:
    authority: src/config.py
    consumers:
      - docs/api-reference.md
      - docs/deployment-guide.md
    last_synced: 2026-03-01

The Forge completion report will show:

📄 文档同步检查 — 2 个文档可能需要更新:
  ⚠️ docs/api-reference.md 可能需要同步更新(api_config 的权威源 src/config.py 已修改)

Configuration

Via init flags or forge-state.json config section:

Key              Default                     Description
model            anthropic/claude-opus-4-6   LLM model for agents
max_rounds       5                           Max repair-inspect cycles before escalation
repair_timeout   600                         Repair agent timeout (seconds)
inspect_timeout  300                         Inspector timeout (seconds)
auto_commit      true                        Auto git-commit on PASS

Security usage recommendations
This skill appears to implement the advertised repair→inspect orchestration, but take these precautions before installing or running it on real repositories:

  1. Audit scripts/forge.py (search for subprocess.run/exec/git calls and any network operations). Confirm exactly how commits and external commands are executed.
  2. Disable auto-commit and automatic auto-looping during initial evaluation (set config.auto_commit = False and run single-step manual flows). Require human approval before any git push or commit to protected branches.
  3. Review how 'universal' patterns are extracted and stored (forge/reflections/patterns.jsonl). If you will run this across multiple projects, either turn off universal extraction or ensure a strict sanitization step to remove any project-specific paths, sample data, or secrets.
  4. Treat the doc-sync step as untrusted code execution: it will run project-provided scripts (e.g., scripts/tools/doc-sync-checker.py) if present. Only enable that in isolated/test environments or after reviewing those scripts.
  5. Populate protected-files.txt for anything that must never be touched (credentials, deployment scripts, CI config). Test the protected-files enforcement on a sandbox repo with safe dummy files.
  6. Run the skill first in a disposable clone/branch with no secrets, and inspect forge-output and reflections files to ensure no sensitive data is being recorded or leaked across projects.

If you want, provide the full forge.py content (or search results for subprocess/git/network usage) and I can point to the exact lines to review and suggest safer configuration changes.
Functional analysis
Type: OpenClaw Skill
Name: forge-loop
Version: 1.0.0

The skill is classified as suspicious due to a critical Remote Code Execution (RCE) vulnerability found in `scripts/forge.py`. The `check_doc_sync` function dynamically executes `scripts/tools/doc-sync-checker.py` if it exists within the project's work directory. This allows a malicious project owner to place arbitrary code in this file, which would then be executed by the OpenClaw agent running the Forge skill. While the skill's prompts for sub-agents include safety guardrails, this direct execution of untrusted project-supplied code constitutes a significant vulnerability, enabling potential self-exploitation of the agent.
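
The check_doc_sync behaviour flagged above, gated as an added example (not the code in scripts/forge.py): the project's checker runs only if its SHA-256 is on an operator-held allowlist, and otherwise only the manifest mapping is read. The pinned_sha256 allowlist, the function signatures and the pre-parsed manifest dictionary are assumptions.

```python
# Added example, not Forge's code. pinned_sha256 is an operator-side
# allowlist (an assumption); the project checker never runs unless pinned.
import hashlib
import subprocess
import sys
from pathlib import Path

CHECKER = Path("scripts/tools/doc-sync-checker.py")

def trusted_checker_bytes(workdir, pinned_sha256):
    """Return the checker's bytes only if its SHA-256 was pinned after review."""
    path = Path(workdir) / CHECKER
    if path.is_symlink() or not path.is_file():
        return None
    data = path.read_bytes()
    return data if hashlib.sha256(data).hexdigest() in pinned_sha256 else None

def manifest_stale_docs(facts, changed_files):
    """Data-only fallback: consumers of every authority file that changed."""
    changed = set(changed_files)
    return sorted({doc
                   for fact in facts.values()
                   if fact.get("authority") in changed
                   for doc in fact.get("consumers", [])})

def check_doc_sync(workdir, facts, changed_files, pinned_sha256=frozenset()):
    code = trusted_checker_bytes(workdir, pinned_sha256)
    if code is None:
        # Unreviewed or missing checker: read the manifest, execute nothing.
        return {"mode": "manifest",
                "stale": manifest_stale_docs(facts, changed_files)}
    # Feed the verified bytes on stdin so the file cannot be swapped between
    # hashing and execution; -I ignores PYTHON* variables and user site-packages.
    proc = subprocess.run([sys.executable, "-I", "-", "--json"], input=code,
                          cwd=workdir, capture_output=True, timeout=60)
    return {"mode": "checker", "stdout": proc.stdout.decode(errors="replace")}

# Constructed sample: the page's doc-sync-manifest.yaml, already parsed.
SAMPLE_FACTS = {"api_config": {
    "authority": "src/config.py",
    "consumers": ["docs/api-reference.md", "docs/deployment-guide.md"],
    "last_synced": "2026-03-01"}}

if __name__ == "__main__":
    print(check_doc_sync(".", SAMPLE_FACTS, ["src/config.py"]))
```

Isolated mode also keeps the working directory off sys.path, so a pinned checker that imports project modules will fail until those imports are reviewed as well.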
Capability assessment
Purpose & Capability
Name/description match what is present: an orchestrator for repair→inspect loops. The artifact contains an orchestrator script (scripts/forge.py), role templates, protocol docs, and state/reflection file conventions. It does not request unrelated credentials or binaries.
Instruction Scope
The SKILL.md directs the agent to run forge.py to create tasks, spawn repair/inspect sessions, write outputs into the project (forge-output/), and automatically extract and reuse repair patterns. It also will try to run project-side helpers (e.g., scripts/tools/doc-sync-checker.py) if present. Two concerns: (1) the universal 'patterns.jsonl' is reused across all projects — project-specific information may be insufficiently sanitized and could be injected into later repairs on other projects; (2) the doc-sync step and other scripted steps execute project-provided code, which can run arbitrary code in the project environment. Both are outside the minimal scope of “orchestration” and increase risk.
Install Mechanism
There is no external install spec — this is instruction + bundled script. No network downloads or remote installers are involved in the skill bundle itself, which reduces supply-chain risk.
Credentials
The skill does not request environment variables or credentials. However it persistently stores two cross-cutting artifacts: a universal reflections file inside the skill (forge/reflections/patterns.jsonl) and project-specific reflections (project/forge-reflections.jsonl). If the extraction/sanitization heuristics fail, sensitive project data (paths, examples, tokens, or config snippets) could be recorded and then exposed to other projects' runs.
Persistence & Privilege
The orchestrator will modify project state (forge-state.json, forge-output/, forge-reflections.jsonl) and — per the protocol — auto-commit changes on PASS (config.auto_commit = True by default). Combined with automatic retry loops ('auto-loop on FAIL' and up to 5 rounds) and cross-project universal pattern accumulation, the skill has a persistent and far-reaching footprint. While not flagged as always:true, the skill still performs high-privilege actions (writing, committing, executing project scripts) without human review by default.
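How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install forge-loop
  3. Once installed, invoke the Skill by name or trigger it with /forge-loop
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history
v1.0.0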
Initial release: Repair-Inspect loop orchestrator with dependency-aware parallel execution, protected file guardrails, two-layer experience accumulation, doc-sync checking, and crash-recoverable state.
Metadata
Slug: forge-loop
Version: 1.0.0
License:
Total installs: 0
Current installs: 0
Historical versions: 1
FAQ

What is Forge 🔨 Repair-Inspect Loop?

Forge 🔨 — Repair-Inspect loop orchestrator. Automated code repair with independent inspection, dependency-aware parallel execution, protected file guardrail... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 409 total downloads to date.

How do I install Forge 🔨 Repair-Inspect Loop?

Run the command "/install forge-loop" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is Forge 🔨 Repair-Inspect Loop free?

Yes, Forge 🔨 Repair-Inspect Loop is completely free (free and open source) and can be downloaded, installed and used freely.

Which platforms does Forge 🔨 Repair-Inspect Loop support?

Forge 🔨 Repair-Inspect Loop runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Forge 🔨 Repair-Inspect Loop?

Developed and maintained by melody1015 (@melody1015); the current version is v1.0.0.
