Run, inspect, debug, and extend OpenClaw QA scenarios and artifacts.
This skill appears to be an open-source, prompt/document-style QA guide for the OpenClaw repository, with strong public provenance and very high community trust, so overall risk is low. However, its README explicitly guides local command execution, access to local artifacts, and in some scenarios the use of external services and sensitive credentials, so least-privilege controls are still advisable.
System metadata says the skill itself requires no mandatory secrets, but the README explicitly references OPENAI_API_KEY, 1Password (op), and Telegram/Convex QA credentials for live testing. This means the skill content may handle and instruct use of sensitive credentials, creating operational misuse/exposure risk, though there is no evidence of embedded or hardcoded secrets in the skill itself.
System information lists no fixed remote endpoints, but the documentation describes real validation lanes involving OpenAI, Matrix, Telegram, and Convex. If followed, test data may be sent to those external services. The skill itself shows no autonomous exfiltration behavior, but its intended workflow clearly includes networked testing against third-party services.
This artifact is classified as prompt-only, and the materials do not show any executable binary, install script, or auto-triggered mechanism; the skill itself does not directly obtain local code execution privileges. While the README provides pnpm/openclaw command examples, those are user-invoked repository operations rather than execution performed by the skill itself.
The description emphasizes 'Repo-local QA only' and mainly references repository docs, test scenarios, and .artifacts output paths. There is no indication of reading unrelated system directories, browser data, or broad user files. Based on the available materials, its data access scope is primarily limited to the repo and test artifacts.
The source is a GitHub open-source repository with extremely high community adoption (about 377k stars), both of which are strong risk-reducing signals; the source should in principle be auditable. The missing license declaration and unknown maintenance status are worth noting, but they are not sufficient on their own to justify a high-risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "openclaw-qa-testing" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/openclaw/main/.agents/skills/openclaw-qa-testing/SKILL.md 2. Save it as ~/.claude/skills/openclaw-qa-testing/SKILL.md 3. Reload skills and tell me it's ready
Help me analyze this failed scenario in OpenClaw qa-lab, identify the root cause, and provide reproduction steps and fix suggestions.
A root-cause analysis, key log clues, reproduction steps, and actionable fix recommendations.
Explain what the logs, screenshots, and result files from this OpenClaw qa-channel scenario mean, and summarize the test conclusion.
An explanation of each artifact type, interpretation of results, and a concise team-ready conclusion.
Based on the existing OpenClaw qa-lab scenario, add a new test case for edge conditions and explain the required steps and validation points.
A new test case design, modification notes, assertion checks, and a recommended execution approach.
Use this skill for qa-lab / qa-channel work. Repo-local QA only.
docs/concepts/qa-e2e-automation.mddocs/help/testing.mddocs/channels/qa-channel.mdqa/README.mdqa/scenarios/index.mdextensions/qa-lab/src/suite.tsextensions/qa-lab/src/character-eval.tsopenai/gpt-5.4openai/gpt-5.4-proopenai/gpt-5.4-minimock-openailive-frontierOPENCLAW_LIVE_OPENAI_KEY="${OPENAI_API_KEY}" \
pnpm openclaw qa suite \
--provider-mode live-frontier \
--model openai/gpt-5.4 \
--alt-model openai/gpt-5.4 \
--output-dir .artifacts/qa-e2e/run-all-live-frontier-<tag>
.artifacts/qa-e2e/run-all-live-frontier-<tag>/qa-suite-summary.json.artifacts/qa-e2e/run-all-live-frontier-<tag>/qa-suite-report.mdopenclaw-qa listen port and report http://127.0.0.1:<port>.For local QA-lab OpenTelemetry validation, use:
pnpm qa:otel:smoke
This starts a local OTLP/HTTP trace receiver, runs the otel-trace-smoke
scenario through qa-channel, decodes the emitted protobuf spans, and verifies
the exported trace names and privacy contract. It does not require Opik,
Langfuse, or external collector credentials.
pnpm openclaw qa matrix defaults to the full all profile. Use explicit
profiles for faster CI/release proof:
OPENCLAW_QA_MATRIX_NO_REPLY_WINDOW_MS=3000 \
pnpm openclaw qa matrix --profile fast --fail-fast
fast: release-critical transport contract, excluding generated image and
deep E2EE recovery inventory.transport, media, e2ee-smoke, e2ee-deep, e2ee-cli: sharded full
Matrix coverage.QA-Lab - All Lanes uses explicit fast Matrix on scheduled runs. Manual
dispatch keeps matrix_profile=all as the default and always shards that full
Matrix selection.op only inside tmux for QA secret lookup in this repo.op account list
OpenClawTelegram E2EOPENCLAW_QA_TELEGRAM_DRIVER_BOT_TOKENOPENCLAW_QA_TELEGRAM_SUT_BOT_TOKENOPENCLAW_QA_PROVIDER_MODEOPENCLAW_NPM_TELEGRAM_PACKAGE_SPECOpenClawOPENCLAW_QA_CONVEX_SITE_URLOPENCLAW_QA_CONVEX_SECRET_MAINTAINEROPENCLAW_QA_CONVEX_SECRET_CIPrivateOPENCLAW QA, Convex, TelegramOPENCLAW_QA_TELEGRAM_GROUP_ID may be stored separately from Telegram E2EOPENCLAW_QA_TELEGRAM_GROUP_IDOpenClaw/OPENCLAW_QA_CONVEX_SITE_URL; if that is stale or unclear, ask for the active pool URL before runningOPENCLAW_QA_TELEGRAM_GROUP_ID="..." \
OPENCLAW_QA_TELEGRAM_DRIVER_BOT_TOKEN="..." \
OPENCLAW_QA_TELEGRAM_SUT_BOT_TOKEN="..." \
…
Search the web, extract content, and organize research efficiently.
Transcribe audio into text or speaker-separated transcripts with OpenAI APIs.
Control BluOS device discovery, playback, grouping, and volume from the command line.
Manage files, folders, and storage in Feishu cloud drive.
Create, refine, validate, and restructure AgentSkills and SKILL.md files.
Run, debug, monitor, and summarize OpenClaw release CI workflows.
Choose and run the safest, cheapest OpenClaw test and validation path.
Diagnose OpenClaw issues by choosing logs, probes, and proof paths first.
Analyze and optimize OpenClaw test performance, memory use, and coverage slowdowns.
Create OpenClaw Docker end-to-end tests and live provider lanes.
Connect AI assistants to OpenClaw agents, sessions, and workspace files.
Run, debug, rerun, and interpret OpenClaw Parallels install and smoke checks.