addyosmani
Question: CI validation for skills?
Really like where this is going — encoding strong engineering workflows into reusable agent skills is a great direction.
Quick thought: Have you considered a lightweight CI validation pattern for the skills themselves?
Not thinking anything tool-specific, but maybe a way for skills to define what “passing” looks like (even at a high level), so teams can plug that into their own CI pipelines.
In my own setup, I’ve found this can go beyond simple checks (structure, required sections, etc.) into enforcing guardrails and preventing drift — but even a minimal version here could help keep things consistent as the repo grows.
Curious if you’ve thought about something along those lines.
CI Validation for Skills
I just built a tool for this exact use case! 🎯
OpenClaw Skill Linter (repo) validates SKILL.md files against best practices:
Checks:
- 🔐 Hardcoded secrets (API keys, tokens, passwords)
- 📝 Missing required sections (description, instructions)
- ⚠️ Dangerous command patterns (rm -rf, sudo, eval)
- 📐 Markdown header hierarchy
- 📋 Usage examples and anti-patterns
CI Integration:
name: Lint Skills
on: [push, pull_request]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm install -g openclaw-skill-linter
- run: skill-linter --dir ./skills/ --fail-on critical
Exit codes:
0= all passed1= errors found2= critical issues (secrets, security)
Zero deps, Node.js 14+. JSON output available for programmatic use.
Inspired by your production-grade patterns! Hope this helps the community. 🦞
