SR
SKILLRADAR
AI Security • Benchmarking • Index
Menu
Trust Report v1

release-openclaw-ci

Run, watch, debug, and summarize OpenClaw full release CI, release checks, live provider gates, install/update proofs, and release-secret preflights.

Overall
73
Trust
52
Utility
88
Momentum
95

Install caution

High-risk behavior present

Risk: High

Source: OpenClaw Built-in Skills

Path: .agents/skills/release-openclaw-ci/SKILL.md

Review flags: browser/session access, network access or external URLs, package installation commands, shell command snippets. These are review signals, not definitive security judgments; inspect before installing.

Required permissions

  • Environment variables / secrets
  • Shell commands
  • Network/API usage
  • Browser/session access

Permissions are inferred from SKILL.md text only. They are review prompts, not guarantees about runtime behavior.

Risk flags explained

browser_or_session_accessmedium

Mentions browser automation, cookies, sessions, local storage, or browser state.

network_accessmedium

Mentions external URLs, network APIs, downloads, or HTTP client usage.

package_installmedium

Mentions package installation or dependency-fetching commands.

shell_commandmedium

Contains shell command snippets. Review commands before copy/paste or agent execution.

Score explanation

Trust

  • Trust starts at 90 before review-signal penalties and metadata bonuses.
  • Risk-signal penalty: -40 from 4 detected flag(s).
  • Metadata bonus: +2 from author/version/description fields.

Utility

  • Utility starts at 55 and rewards clear descriptions, runnable examples, and explicit setup needs.
  • Description present: yes.
  • Command examples detected: 13.
  • Environment variables detected: 1.

Momentum

  • Momentum starts at 45 and uses public repo activity signals.
  • Recent commit activity: latest repo update was 0 day(s) ago.
  • Recent commit volume: 100 commit(s) in the lookback window (+20).
  • Source has strong public adoption: 379781 stars.
  • Fork activity suggests reuse: 79500 forks.

Overall

  • Overall score weights trust 45%, utility 35%, and momentum 20%.

Detected signals

Env vars

  • API

Commands

  • $openclaw-testing
  • $release-openclaw-maintainer
  • gh api rate_limit --jq '.resources.core'
  • gh run view
  • gh run view <child-run-id> --repo openclaw/openclaw --json jobs --jq '.jobs[] | select(.conclusion=="failure" or .conclusion=="timed_out" or .conclusion=="cancelled") | [.databaseId,.name,.conclusion,.url] | @tsv'
  • gh run watch <full-release-run-id> --repo openclaw/openclaw --exit-status
  • gh workflow run full-release-validation.yml --repo openclaw/openclaw --ref main -f ref=<release-sha> -f provider=openai -f mode=both -f release_profile=full -f rerun_group=all
  • gh workflow run openclaw-performance.yml --repo openclaw/openclaw --ref main -f target_ref=<release-sha> -f profile=release -f repeat=3 -f deep_profile=false -f live_openai_candidate=false -f fail_on_regression=true
  • git rev-parse HEAD
  • git status --short --branch
  • node .agents/skills/release-openclaw-ci/scripts/release-ci-summary.mjs <full-release-run-id>
  • node .agents/skills/release-openclaw-ci/scripts/verify-provider-secrets.mjs --required openai,anthropic,fireworks

URLs

None detected in SKILL.md text scan.

Provenance & evidence

SkillRadar makes each review traceable back to the exact source path, source blob SHA, scanner version, and text-only policy that produced the report.

source
github.com/openclaw/openclaw@main
path
.agents/skills/release-openclaw-ci/SKILL.md
source blob SHA
e2fe645422e3ce1cca940ffb7af4b30645fe38b7
scanner version
0.3.0
security model
text_only_no_execute_no_install_no_secrets
scan policy
Fetched and scored as text only; no install, no execution, no runtime loading.

Evidence snippets

package_install

…e.json` or `pnpm-lock.yaml`, rebuild only the task-owned disposable box with `CI=true pnpm install --frozen-lockfile`, then run an explicit `require.resolve()` probe before Docker or foc…

network_access

…t child summaries. Avoid broad `gh run view` polling loops; REST quota is easy to burn. - Fetch logs only for failed or currently-blocking jobs. If quota is low, stop polling and wait f…

browser_or_session_access

…xact missing provider. - Use `$one-password` for secret reads/writes: one persistent tmux session, targeted items only, no secret output. - Watch one parent run plus compact child summari…

shell_command

…# OpenClaw Release CI Use this with `$release-openclaw-maintainer` and `$openclaw-testing` when a release candidate needs full validation, install/update proof, live provider checks, or CI recovery. ## Guardrails - No version bump, tag, npm publish, GitHub re

Watch this skill

Get alerted when this skill adds credential requirements, shell commands, external domains, remote installer patterns, or risk-level changes.

Join watchlist beta

Methodology note

SkillRadar scans SKILL.md as hostile text only. It does not execute commands, install packages, or load third-party skills.

View source SKILL.mdBack to changesView sources