强制指令：执行 Software Development Life Cycle (SDLC)。所有的代码修改、Bug 修复和功能实现，必须且只能通过启动本技能中的 orchestrator.py 来完成。严禁主 Agent (你) 绕过本技能直接去操作源码工作区。

What to consider before installing/using this skill: 1) Review orchestrator.py and spawn_* scripts before running. Focus on subprocess.exec/subprocess.run usage, whether they invoke shells or write/execute temporary files, and whether they parse and then re-emit instructions that cause the agent to take further actions. Ensure temp-file creation is secure (unique names, correct permissions) and files are cleaned up. 2) Watch the dangerous runtime rule: the SKILL.md requires the agent to "strictly execute" any instructions that appear below the marker '[ACTION REQUIRED FOR MANAGER]' in the orchestrator stdout. That effectively allows the orchestrator to inject commands into the agent. Decide if you will enforce human confirmation for such outputs or modify the SKILL.md/orchestrator to require manual approval. 3) Run initially in an isolated, non-production environment (throwaway VM/container) with limited permissions. Set HOME_MOCK or otherwise redirect ~/.openclaw to a temp directory to prevent accidental deployment to your real OpenClaw instance or restarting real services. 4) Check credential needs: scripts reference a GitHub sync script and restart of the OpenClaw gateway — verify what Git credentials or system permissions will be required and do not provide secrets without auditing the code paths that use them. 5) Audit prompts.json and playbook templates for 'auto-run' directives (e.g., 'DO NOT ASK FOR PERMISSION', 'Start now'). These force automated generation/execution — consider hardening by requiring explicit human approval (a gating step) before Planner/Coder/Reviewer start creating commits or PRs. 6) If you plan to allow autonomous invocation, restrict it until you've validated the behavior above. If you cannot review the code, treat the skill as risky: disable autonomous invocation and require user invocation only with human-in-the-loop approvals. 7) If you want help: I can (a) scan orchestrator.py for subprocess/exec usage and temporary-file patterns, (b) summarize places where the orchestrator writes to ~/.openclaw or calls external sync/restart, and (c) propose edits to the SKILL.md to remove the automatic-execute-on-stdout rule so manager actions require explicit confirmation.

Type: OpenClaw Skill Name: leio-sdlc Version: 1.0.0 The `leio-sdlc` bundle is a sophisticated multi-agent SDLC orchestration framework that automates planning, coding, and reviewing tasks. It utilizes a state machine implemented in `scripts/orchestrator.py` to coordinate sub-agents via `scripts/agent_driver.py`. While the system performs high-privilege operations such as Git repository manipulation, filesystem access, and service restarts (`openclaw gateway restart` in `deploy.sh`), these are strictly aligned with its functional purpose. The bundle demonstrates significant defensive engineering, including secure temporary file handling with restricted permissions (`0o600`) in `agent_driver.py`, explicit "Anti-Reward Hacking" guardrails in `config/prompts.json`, and Git pre-commit hooks to enforce process integrity. No evidence of malicious intent, unauthorized data exfiltration, or suspicious external network activity was found.