release-openclaw-plugin-testing
Plan and run pre-release OpenClaw plugin validation across bundled plugins, package artifacts, lifecycle commands, doctor/fix, config round-trip, gateway startup, SDK compatibility, Docker E2E, Package Acceptance, and Testbox proof.
Install caution
Risk: High
Source: OpenClaw Built-in Skills
Path: .agents/skills/release-openclaw-plugin-testing/SKILL.md
Review flags: browser/session access, filesystem/home-directory access, package installation commands, shell command snippets. These are review signals, not definitive security judgments; inspect before installing.
Required permissions
- • Shell commands
- • Filesystem/home access
- • Browser/session access
Permissions are inferred from SKILL.md text only. They are review prompts, not guarantees about runtime behavior.
Risk flags explained
Mentions browser automation, cookies, sessions, local storage, or browser state.
Mentions filesystem writes, deletes, home-directory paths, or config/key locations.
Mentions package installation or dependency-fetching commands.
Contains shell command snippets. Review commands before copy/paste or agent execution.
Score explanation
Trust
- • Trust starts at 90 before review-signal penalties and metadata bonuses.
- • Risk-signal penalty: -45 from 4 detected flag(s).
- • Metadata bonus: +2 from author/version/description fields.
Utility
- • Utility starts at 55 and rewards clear descriptions, runnable examples, and explicit setup needs.
- • Description present: yes.
- • Command examples detected: 17.
- • Environment variables detected: 0.
Momentum
- • Momentum starts at 45 and uses public repo activity signals.
- • Recent commit activity: latest repo update was 0 day(s) ago.
- • Recent commit volume: 100 commit(s) in the lookback window (+20).
- • Source has strong public adoption: 379781 stars.
- • Fork activity suggests reuse: 79500 forks.
Overall
- • Overall score weights trust 45%, utility 35%, and momentum 20%.
Detected signals
Env vars
None detected in SKILL.md text scan.
Commands
- • OPENCLAW_PLUGINS_E2E_CLAWHUB=0 pnpm test:docker:plugins
- • OPENCLAW_TESTBOX=1 pnpm check:changed
- • gh workflow run package-acceptance.yml --repo openclaw/openclaw --ref main -f workflow_ref=main -f source=ref -f package_ref=<branch-or-sha> -f suite_profile=custom -f docker_lanes='plugins-offline plugin-update bundled-channel-deps-compat doctor-switch update-channel-switch config-reload mcp-channels npm-onboard-channel-agent' -f telegram_mode=mock-openai
- • git status --short --branch
- • openclaw plugins inspect --all --json
- • openclaw status --json
- • openclaw-testing
- • openclaw/plugin-sdk/*
- • pnpm changed:lanes --json
- • pnpm docs:list
- • pnpm run test:extensions:package-boundary:canary
- • pnpm run test:extensions:package-boundary:compile
URLs
None detected in SKILL.md text scan.
Provenance & evidence
SkillRadar makes each review traceable back to the exact source path, source blob SHA, scanner version, and text-only policy that produced the report.
Evidence snippets
…lancedb` - feature/runtime: `browser`, `acpx`, `tokenjuice` For each representative: 1. Write config through CLI when possible. 2. Read it back through `config get` or JSON. 3. Run `p…
…x/worktrees`, `node_modules` must be a symlink to the main OpenClaw checkout. Do not run `pnpm install` there. For broad or package-heavy proof, use Blacksmith Testbox or GitHub Actions. ## R…
…`telegram`, `discord`, `slack`, `whatsapp` - memory: `memory-lancedb` - feature/runtime: `browser`, `acpx`, `tokenjuice` For each representative: 1. Write config through CLI when possib…
…l probes only when safe credentials exist ## First Checks From the OpenClaw repo root: ```bash pnpm docs:list git status --short --branch readlink node_modules pnpm changed:lanes --jso…
Watch this skill
Get alerted when this skill adds credential requirements, shell commands, external domains, remote installer patterns, or risk-level changes.
Join watchlist betaMethodology note
SkillRadar scans SKILL.md as hostile text only. It does not execute commands, install packages, or load third-party skills.