← 返回 Skills 市场
zenmejiang-commits

Task Auditor

作者 zenmejiang-commits · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
288
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install task-auditor
功能描述
独立第三方审计auto-iterator任务质量,按执行日志、迭代次数、报告质量等指标评分防止偷懒并自动警报。
安全使用建议
This skill appears to implement an honest task-auditing script, but you should not install it blind. Before using: 1) Confirm and/or change the TASKS_DIR and MEMORY_DIR to a safe, non-root workspace and ensure the agent will have appropriate but not excessive write permissions. 2) Resolve the threshold mismatch (SKILL.md/skill.json vs audit.sh) so behavior matches expectations. 3) Inspect audit.sh locally to confirm it matches your policy (it writes reports and alerts as markdown files). 4) Run the script in a sandbox or with a test task to verify file paths, side effects, and that no sensitive files are read. If the author can document why /root is required or make paths configurable, this would reduce the concern and could become benign.
功能分析
Type: OpenClaw Skill Name: task-auditor Version: 1.0.0 The 'task-auditor' skill is a utility designed to evaluate the quality of tasks performed by other agents using quantitative metrics like log length and iteration counts. The core logic in 'audit.sh' performs standard file system operations within the local workspace to generate reports and alerts, with no evidence of data exfiltration, malicious execution, or harmful prompt injection.
能力评估
Purpose & Capability
The skill claims to be an independent task auditor and includes a shell script that performs log/report checks — that matches the stated purpose. However the runtime script hardcodes filesystem paths under /root/.openclaw/workspace (TASKS_DIR and MEMORY_DIR) while the skill metadata declares no required config paths or environment. The script writes audit and alert files into those locations; that filesystem access was not declared in the registry metadata and may require elevated permissions or an expected workspace layout.
Instruction Scope
SKILL.md describes reasonable audit checks and the included audit.sh implements them (log lines, iterations, report size, keywords, timestamps). It does not call external endpoints or exfiltrate data. Minor scope issues: SKILL.md claims '时间戳不可伪造' (timestamps cannot be forged) but the script performs only simple grep checks and does not implement tamper-proofing; SKILL.md and script disagree about the passing thresholds (SKILL.md/skill.json treat ≥80 as excellent, but audit.sh treats ≥90 as the cutoff for 'excellent' and considers <90 a failure).
Install Mechanism
There is no install spec (instruction-only), which is lower risk. However the package includes executable code (audit.sh) that will be run — so although nothing is downloaded at install time, the skill will perform filesystem writes when executed. That distinction is important: no install-time network risk, but runtime writes occur.
Credentials
The skill declares no required credentials or environment variables, and the script does not read secrets. Still, it assumes specific writable directories under /root/.openclaw/workspace/tasks and /root/.openclaw/workspace/memory. Requiring write access to /root paths is disproportionate for many environments and should be documented or made configurable. No explicit justification for using root-level paths is provided.
Persistence & Privilege
The skill is not marked always:true and does not request autonomous elevation. It writes its own audit and alert files in the workspace but does not modify other skills or system-wide configuration. Runtime file writes are normal for an auditor but should be constrained to a documented, configurable workspace.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install task-auditor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /task-auditor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Task Auditor 1.0.0 – Initial Release - Introduces an independent third-party audit system for auto-iterator tasks to prevent low-effort submissions. - Implements a comprehensive scoring and rating system based on quantifiable criteria (logs, iterations, report length, timestamps, and substance). - Adds automatic reporting, warning, and archival workflows for task quality. - Ensures separation between executor and auditor roles, with transparent and traceable logs. - Supports automatic alerts and random checks for continuous quality assurance.
元数据
Slug task-auditor
版本 1.0.0
许可证
累计安装 2
当前安装数 2
历史版本数 1
常见问题

Task Auditor 是什么?

独立第三方审计auto-iterator任务质量,按执行日志、迭代次数、报告质量等指标评分防止偷懒并自动警报。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 288 次。

如何安装 Task Auditor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install task-auditor」即可一键安装,无需额外配置。

Task Auditor 是免费的吗?

是的,Task Auditor 完全免费(开源免费),可自由下载、安装和使用。

Task Auditor 支持哪些平台?

Task Auditor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Task Auditor?

由 zenmejiang-commits(@zenmejiang-commits)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论