Plan and run end-to-end pre-release validation for OpenClaw plugins.
The material indicates a prompt/instruction-oriented skill with no declared secrets, remote endpoints, or extra system privileges. Combined with an open-source GitHub source and very strong community adoption, the overall risk is low, though the README does include guidance for local commands, Docker, and GitHub Actions that would matter if a user chose to execute them manually.
The material explicitly states that no keys or environment variables are required. The README only mentions live probes 'when safe credentials exist' and does not request credential collection, upload, or management; no clear credential leakage or abuse pattern is shown.
System checks and metadata show no remote endpoints, and the skill is classified as prompt-only. While the documentation mentions GitHub Actions, gateway startup, and provider/channel probes as test scenarios, it does not show the skill itself sending data to unknown or unrelated endpoints.
As a prompt-only skill, the material merely suggests test steps involving pnpm, git, and Docker commands; it does not indicate that the skill itself automatically executes code, starts processes, or directly invokes system capabilities.
No requirement is declared to read or write specific files, directories, account data, or external resources. The README mentions checking repository state from the repo root and validating package behavior from a clean HOME, but these are testing instructions rather than data-access rights granted to the skill itself.
The source is an open-source GitHub repository with extremely strong community adoption (about 377k stars), which is strong positive evidence. The license and maintenance status are not clearly stated, leaving some information gaps, but given auditable source code and high community trust, there are no supply-chain red flags strong enough to justify a high-risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "release-openclaw-plugin-testing" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/openclaw/main/.agents/skills/release-openclaw-plugin-testing/SKILL.md 2. Save it as ~/.claude/skills/release-openclaw-plugin-testing/SKILL.md 3. Reload skills and tell me it's ready
Create a pre-release validation plan for an OpenClaw plugin covering bundled plugins, package artifacts, lifecycle commands, doctor/fix, config round-trip, gateway startup, SDK compatibility, Docker E2E, Package Acceptance, and Testbox proof. Organize it by priority, pass criteria, and execution order.
A structured test plan with scope, execution order, pass criteria, and risk notes.
Break OpenClaw pre-release validation into executable automated checks. For each step, provide inputs, commands, expected results, and troubleshooting advice, focusing on doctor/fix, gateway startup, Docker E2E, and SDK compatibility.
A practical set of automated validation steps ready for CI or release workflows.
I will provide results from OpenClaw pre-release tests. Summarize passes and failures, flag blocking issues, compatibility risks, and recommended fixes, then give a release-go/no-go decision. Include both a brief summary and detailed conclusions.
A release readiness report with clear outcomes, risk levels, and next-step recommendations.
Use this skill when the user asks for plugin release confidence, plugin lifecycle
sweeps, package-artifact plugin proof, or "what else should we test before
release?" It complements openclaw-testing; use that skill too when choosing
the cheapest safe runner or debugging a failing lane.
Prove the plugin system as a product surface, not just as source tests:
HOMEFrom the OpenClaw repo root:
pnpm docs:list
git status --short --branch
readlink node_modules
pnpm changed:lanes --json
In Codex worktrees under .codex/worktrees, node_modules must be a symlink to
the main OpenClaw checkout. Do not run pnpm install there. For broad or
package-heavy proof, use Blacksmith Testbox or GitHub Actions.
Prefer this order:
ci-build-artifacts-testbox.yml Testbox when Docker/package lanes need
seeded dist, dist-runtime, and package caches.ci-check-testbox.yml Testbox for source checks, targeted Vitest,
package-boundary checks, or focused Docker lanes.Avoid long package Docker runs from a stale sparse worktree. If Testbox sync
reports hundreds of changed files or starts deleting package inputs, stop and
warm a fresh box from current main, or switch to Package Acceptance.
Run or verify these before inventing new coverage:
OPENCLAW_TESTBOX=1 pnpm check:changed
pnpm run test:extensions:package-boundary:canary
pnpm run test:extensions:package-boundary:compile
pnpm test:docker:plugins
OPENCLAW_PLUGINS_E2E_CLAWHUB=0 pnpm test:docker:plugins
pnpm test:docker:plugin-update
pnpm test:docker:bundled-channel-deps:fast
For full bundled install/uninstall proof, shard the packaged sweep:
OPENCLAW_BUNDLED_PLUGIN_SWEEP_TOTAL=8 \
OPENCLAW_BUNDLED_PLUGIN_SWEEP_INDEX=<0-7> \
pnpm test:docker:bundled-plugin-install-uninstall
Expected current packaged scope: 116 public bundled plugins over shards 0-7.
Private QA plugins are source-mode only unless a package explicitly includes
them.
Use this matrix for pre-release signoff. Record pass/fail, run URL/Testbox ID, package SHA/version, and skipped-live reason.
| Surface | Proof | Preferred runner |
|---|---|---|
| Package artifact | Package Acceptance suite_profile=package or custom lanes | GitHub Actions |
| Bundled lifecycle | 8-shard test:docker:bundled-plugin-install-uninstall | Testbox or release Docker |
| External plugins | test:docker:plugins and plugins-offline | Testbox/package acceptance |
| Update no-op | test:docker:plugin-update | Testbox/package acceptance |
| Channel runtime deps | test:docker:bundled-channel-deps:fast plus key channels | Testbox/package acceptance |
| Doctor/fix | seeded bad configs + doctor --fix --non-interactive | new Docker/Testbox harness |
| Config round-trip | config set/get, inspect, doctor, reload, diff hash | new Docker/Testbox harness |
| Gateway bootstrap | clean HOME, plugin groups enabled/disabled, status JSON | new Docker/Testbox harness |
| SDK compatibility | directory, tgz, and file: external plugins using SDK subpaths | test:docker:plugins plus new smoke |
| Live-ish | redacted provider/channel probes only for present env | Testbox live lanes |
Use this when validating a release branch, beta, or candidate package:
…
Fetch GitHub issues, create fixes, open PRs, and handle reviews.
Convert text to speech locally and offline with sherpa-onnx, no cloud needed.
Regenerate OpenClaw release changelog sections from Git history before releases.
Prepare and verify OpenClaw stable or beta releases and release notes.
Automate web page workflows, login checks, tab handling, and recovery steps.
Verify an OpenClaw release is fully published and working across all channels.
Run, debug, monitor, and summarize OpenClaw release CI workflows.
Draft OpenClaw release announcements and testing guidance from release evidence.
Investigate test memory growth, heap leaks, and OOM root causes.
Find and fix small high-confidence OpenClaw bugs ready to land.
Choose and run the safest, cheapest OpenClaw test and validation path.
Refactor OpenClaw docs pages with source-checked preservation, clearer structure, and verification.