构建
v1.0.1在 OpenClaw 内组建并配置一支完整的 AI 软件开发团队。当有人说“组建软件开发团队”“设置……”时使用此技能。
0· 17·0 当前·0 累计
by 下载技能包
最后更新
2026/4/26
安全扫描
OpenClaw
安全
medium confidence该技能仅作为指令编排,内部逻辑与其声明目的一致,但会将特权操作委托给其他 admin/dependency skills——使用前需先行审查。
评估建议
This skill is primarily an orchestration script that delegates privileged actions to other skills rather than handling secrets itself. Before installing/using it: 1) Inspect and trust the openclaw-administrator and any recommended dependency skills (Asana, Git, Email, openclaw-recovery-manager) because they will hold and use your actual credentials and have elevated privileges. 2) Confirm you are comfortable with workspace files (USER.md, TOOLS.md, HEARTBEAT.md) containing project metadata and e...详细分析 ▾
✓ 用途与能力
Name/description align with the actual behavior in SKILL.md: it collects project metadata, env-var NAMES (not values), and instructs the openclaw-administrator and other dependency skills to create agents, wire repos, and configure Asana. Requiring a privileged administrator skill for agent creation/configuration is expected for this purpose.
ℹ 指令范围
Instructions stay within setup/orchestration scope and explicitly state they do not read/store secret VALUES. The skill asks for repo SSH URLs and the NAMES of env vars that hold credentials and creates plain-text workspace files (USER.md, TOOLS.md, HEARTBEAT.md) containing non-secret metadata. Passing env-var NAMES to dependency skills is reasonable but leaks naming/operational metadata that some organizations consider sensitive; the skill also relies on other installed skills to perform API calls and credential handling.
✓ 安装机制
Instruction-only skill with no install spec, no downloads, and no code files — minimal install risk (nothing written to disk by this skill itself).
ℹ 凭证需求
This skill does not request credential values or list required env vars itself; it requests only env-var NAMES for Asana PAT, GitHub PAT, and an email label. That is proportional to its orchestration role. However, it delegates secrets and API activity to other dependency skills (openclaw-administrator, Asana/Git/email skills) — you should vet those skills because they will hold/use the actual secrets. One minor inconsistency: the SKILL asks for GitHub PAT name while also recommending SSH repo URLs; both are plausible (PAT for API operations, SSH for repo clone), but verify you understand which credential is used for which operation.
ℹ 持久化与权限
The skill is not marked always:true and does not self-persist. It instructs the openclaw-administrator to change agent configurations (e.g., heartbeat interval) and to write workspace files — appropriate for a setup orchestrator. Because those actions are performed via a privileged admin skill, review that admin skill's permissions. Also note that the platform-default autonomous invocation is allowed; combined with powerful dependency skills, a compromised dependency could have greater impact — review dependency trust before running autonomously.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/4/26
- 澄清凭据与安全处理:本 skill 从不读取或存储任何 token 或 secret,仅引用 env var 名称,所有凭据使用均交由依赖 skill 完成。 - 新增 OpenClaw 心跳调度及 setup 阶段创建 workspace 文件的明确文档。 - 更新“必需 skills”部分,依赖要求更严格,安装说明更清晰。 - 明确所有 Asana 与 GitHub API 操作均由另行安装的依赖 skill 执行,非本 skill 自身。 - 全面增强文档与用户提示,逐步访问/配置内容更透明。
● Pending
安装命令
点击复制官方npx clawhub@latest install build-dev-team
镜像加速npx clawhub@latest install build-dev-team --registry https://cn.longxiaskill.com 镜像可用
技能文档
本技能在你的 OpenClaw 实例内搭建一支完整的 AI 驱动软件开发团队。全程交互式引导——你提供项目信息、选择模型与技能,技能负责完成配置。
凭据与安全模型
本技能不读取、不存储、不请求、不传输任何凭据或密钥。 所有凭据处理由以下组件完成:- openclaw-administrator 技能:使用 OpenClav 自带配置管理为智能体写入设置
- 各智能体上安装的 Asana 依赖技能:保存并使用 Asana PAT
- 各智能体上安装的 Git 依赖技能:保存并使用 GitHub PAT
- PM 智能体上安装的 Email 依赖技能:保存并使用邮箱凭据
本技能仅收集环境变量名称(如 TA_ASANA_PAT)——绝不收集其值。这些名称被传给依赖技能,以便它们从运行时环境拉取对应凭据。本技能绝不接触令牌值。
凭据必须事先存入你的 secret 管理系统(Kubernetes ConfigMap/Secret、.env 文件等),由智能体运营者注入运行时,而非本技能。
心跳调度
本配置设置的 30 分钟智能体心跳由 OpenClaw 平台 调度并触发,非本技能。本技能仅指示 openclaw-administrator 在各智能体的 OpenClaw 配置中设定心跳间隔,平台负责后续调度。本技能不自调用、不设置定时器、不跨会话持久化。智能体工作区文件
安装过程为每个智能体创建并填充以下由运营者维护的工作区文件:- USER.md — 项目列表、Asana GID、仓库 URL、团队名单。不含密钥。
- TOOLS.md — 可用依赖技能及其使用的环境变量名(仅标签)。
- HEARTBEAT.md — 每次心跳需检查的事项。不含密钥。
这些纯文本文件在 setup 阶段一次性生成,后续由运营者在项目变更时手动更新。
---
开始之前 —— 必需技能
必需(运行本技能前安装):openclaw-administrator(EncryptShawn)——负责创建智能体、分配模型、路由配置、写入工作区文件。安装前请审查其权限,该技能拥有 OpenClaw 实例高级权限。
强烈建议:
openclaw-recovery-manager(EncryptShawn)——提供配置快照与紧急回滚。我们会在开始前和确认一切正常后各拍一次快照。
---
步骤 0 —— 安全第一
触碰任何配置前:- 检查是否已安装 openclaw-recovery-manager。
pre-dev-team-setup-[当天日期]
- 若未安装,询问:
---
步骤 1 —— 收集项目信息
在配置任何内容前,先向用户询问并记录以下信息: ``
我需要一些细节来正确搭建团队:
- 项目名称?(如 talent_avatar——后续作为项目标识)
- Asana workspace GID?(在 Asana 工作区设置或 URL 中可找到)
- 是否已有该项目的 Asana 项目板?
- 有 → 请提供 Asana 项目 GID(从看板 URL 获取)
- 无 → 我将引导你创建
- GitHub 仓库 SSH URL(仅私有仓库,需 SSH 访问):
- 前端仓库:
``