Piv — Multi-stage workflow orchestration
v1.0.3 PIV workflow orchestrator that drives multi-stage software development with a Plan-Implement-Validate loop. Supports PRD authoring, PRP generation, codebase analysis and automated validation, and can coordinate multi-agent, phased delivery of features.
0 · 1.5k · 2 current · 2 cumulative
Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
This skill is largely coherent with its stated purpose (orchestrating PIV workflows) but there are a few things to verify before installing or using it:
1) Tooling & credentials: The manifest only lists git as required, but the instructions reference tools like tree, gh (GitHub CLI), and a sessions_spawn tool. If you expect the skill to search GitHub or private repos, confirm what credentials (GH_TOKEN, etc.) the platform will need and whether the skill will request them explicitly. Do not prov...
ℹ Purpose and capabilities
Name and description match the provided instructions: the skill orchestrates Plan→Implement→Validate workflows, creates PRDs/PRPs, analyzes codebases, spawns sub-agents, and writes files under a project path. Requested resources are minimal (git only), which is plausible. However, the SKILL.md metadata references a GitHub homepage (https://github.com/SmokeAlot420/ftw) while the registry summary stated 'Source: unknown / Homepage: none' — a minor metadata inconsistency. The instructions also reference tools like `tree` and `gh` and expect a sessions_spawn tool; those tools are not declared as required binaries, which is an under-specification (not necessarily malicious, but surprising).
ℹ Instruction scope
The SKILL.md instructs the agent to read and write files under PROJECT_PATH (create PRDs/PRPs/templates, write PRD and PRP files), run local shell commands (ls, mkdir, grep, tree if available), spawn sub-agents via sessions_spawn, run test/lint commands, and optionally perform web searches or use the GitHub CLI. Those actions are coherent with a project orchestration tool. Caveats: 'Use whatever research tools your platform provides' and explicit web-search/gh usage are broad and could cause external queries that include project or conversation content — the skill does not declare or limit what external endpoints are used. The instructions do not request unrelated secrets, nor do they instruct reading system config outside the project path, so there is no explicit file-exfiltration step, but the web-research and sub-agent flow could leak project/user content to external services depending on how the platform implements those tools.
✓ Installation mechanism
This is instruction-only (no install spec, no code files executed). That is the lowest-risk install pattern — nothing is downloaded or written by an installer. Runtime behavior will depend on the platform's session tooling rather than any bundle-installed binaries.
ℹ Credential requirements
The skill declares no required environment variables or credentials, which is consistent with an instruction-only orchestrator. However, the instructions optionally recommend using the GitHub CLI (`gh`) and conducting web searches; those tools often rely on credentials (e.g., GH_TOKEN) to access private repos. The skill does not declare those env vars or request them as required, so if you expect it to search private repos or use authenticated APIs, you should not assume it will prompt for or protect credentials. In short: environment requests are minimal, but there are implicit credential needs that are not documented.
⚠ Persistence and permissions
The skill is not always-included (always:false) and is user-invocable. Notably, disable-model-invocation is true in the SKILL.md metadata — this reduces autonomous model invocations for the skill itself. However, the instructions repeatedly instruct spawning fresh sub-agents via a sessions_spawn tool (non-blocking spawns and receiving results). There is a potential mismatch: the manifest forbids model invocation for the skill, yet the orchestrator is designed to create and rely on sub-agent model sessions. Depending on platform semantics, this could either mean the skill will be non-functional or rely on platform tools that do model invocation on its behalf. Clarify with the platform: will sessions_spawn be allowed when disable-model-invocation is true? If sessions_spawn causes the platform to spawn agents that run models, that increases blast radius (the orchestrator may cause many sub-agents to run and access project data).
Security is layered; review the code before running it.
Runtime dependencies
🖥️ OS: macOS · Linux
Version
latest v1.0.3 2026/2/8
● Suspicious
Install command
Official: npx clawhub@latest install ftw
Mirror (accelerated): npx clawhub@latest install ftw --registry https://cn.longxiaskill.com