← 返回 Skills 市场
Openforge
作者
Corbin Breton
· GitHub ↗
· v2.2.0
· MIT-0
206
总下载
0
收藏
1
当前安装
6
版本数
在 OpenClaw 中安装
/install openforge
功能描述
Staged, multi-model PRD execution for OpenClaw. Write a PRD with phased sections, model routing, and validation gates — OpenForge executes it across local an...
安全使用建议
This skill appears to do what it says (orchestrate PRDs), but it intentionally performs potentially dangerous actions: it reads/writes your workspace, spawns sub-agents, and runs gate shell commands from PRDs. Before using it: 1) Never include secrets or credentials in PRD files; sensitive data may be sent to configured model providers. 2) Review every PRD (especially any Gate lines) before execution; the skill's metacharacter checks reduce risk but do not eliminate it. 3) Use an isolated workspace or repo for runs you don't fully trust. 4) If you need stronger guarantees, ask for PRD scope enforcement or secret-scanning before running. If you want me to, I can list specific things to add to a PRD-review checklist or produce a template PRD with safer gate examples.
能力评估
Purpose & Capability
The name/description (PRD orchestration with phased execution, model routing, and gates) matches the SKILL.md instructions: parse PRDs, spawn sub-agents, route models, run gates, and auto-fix loops. No unrelated binaries or credentials are requested. The capabilities requested (read/write workspace, spawn sessions, exec) are exactly what an orchestrator needs.
Instruction Scope
Instructions permit running arbitrary gate commands via exec and passing PRD content verbatim to sub-agents. The skill describes a whitelist-like check that forbids certain shell metacharacters unless Shell-Gate:true, but execution of PRD-specified commands and file writes is core behavior. This is expected for an orchestrator but expands scope to filesystem and shell execution; users must not run untrusted PRDs and should review gate commands carefully.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install posture. Nothing is downloaded or written by an installer according to the metadata.
Credentials
No environment variables or credentials are required by the skill itself. However, it will route work to whatever AI model providers are configured in the OpenClaw agent (using existing provider credentials already present in the environment), and it passes PRD content and file contents to models. This is proportional to its purpose but important to understand: sensitive data in PRDs or workspace files may be sent to external model providers.
Persistence & Privilege
Skill is not always-enabled and does not request persistent installation. It spawns sub-agents that inherit the orchestrator's workspace constraints, but it does not claim to modify other skills or system-wide configs. Autonomous invocation remains possible (platform default) — consider that this plus exec capability increases attack surface if misused.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openforge - 安装完成后,直接呼叫该 Skill 的名称或使用
/openforge触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.2.0
**Security and safety update for gate command handling.**
- Strengthened PRD and workspace safety documentation to clarify trust model and secret handling.
- Added a new `Shell-Gate: true` field to allow explicit opt-in for shell metacharacters in gate commands.
- By default, OpenForge now validates and rejects gate commands containing shell metacharacters unless `Shell-Gate: true` is set for the phase.
- Improved documentation on PRD review requirements and risks when running untrusted gate commands.
- Updated the default “What OpenForge Does NOT Do” and safety sections to remove CLI/sandbox references and to highlight new validation steps.
v2.1.0
Added P19 horizon-bounded decomposition for complex PRDs and P14 erosion-aware checkpoint gates for code phases
v2.0.2
Add Safety & Scope section; clarify PRD trust model and workspace boundary constraints
v2.0.1
March 2026 - rebuilt with multi-model PRD execution
v1.1.0
v1.1.0: Security hardening — pre-dispatch secret redaction, atomic config restore, expanded file patterns, large file truncation, directory listing filtering. 91 tests passing. Addresses ClawHub security scan findings.
v1.0.0
v1.0.0 — Initial release. Staged, multi-model PRD execution for OpenClaw with escalation, scope enforcement, quality checks, and learning accumulation.
元数据
常见问题
Openforge 是什么?
Staged, multi-model PRD execution for OpenClaw. Write a PRD with phased sections, model routing, and validation gates — OpenForge executes it across local an... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 206 次。
如何安装 Openforge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openforge」即可一键安装,无需额外配置。
Openforge 是免费的吗?
是的,Openforge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Openforge 支持哪些平台?
Openforge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Openforge?
由 Corbin Breton(@corbin-breton)开发并维护,当前版本 v2.2.0。
推荐 Skills