An engineering case study of an autonomous, self-maintaining catalog — designed by Claude Opus, run by a fleet of GPT-driven agents, and governed by a human at a handful of deliberate checkpoints.
The public catalog at agentskillexchange.com — the product this repo dissects.
Agent Skill Exchange (ASE) is a public, curated catalog of reusable AI-agent skills:
the product at agentskillexchange.com and the canonical
catalog at agentskillexchange/skills
(2,500+ curated skills, 17 categories, 15 industry collections, with a published security_reviewed trust
tier). Almost all of it is discovered, written, verified, published, and kept fresh by agents — with
humans approving only the changes that are hard to undo.
This repo is the story of how it works — the architecture, the agent fleet, the model strategy, the trust gates, and the data-integrity failure it caught and fixed. It is not the catalog and not the operations manual (see RELATED.md); it's the systems-engineering narrative behind them.
| Curated skills in the catalog | 2,500+ |
| Categories · industry collections | 17 · 15 |
| Agent frameworks targeted | 8+ — OpenClaw, Claude Code, Codex, GitHub Copilot, Gemini, Cursor, MCP, LangChain… |
| Autonomous crons | 10, across 3 GPT model tiers (gpt-5.5 / gpt-5.4 / gpt-5.4-mini) |
| Public trust signal | security_reviewed (gated, never applied to boilerplate) |
| Agent-discovery manifests | daily regen — openclaw.json · codex.json · skills.json · llms.txt |
| Humans in the daily loop | 0 — humans gate only the irreversible changes |
Stack: WordPress + a custom marketplace plugin (data/product) · OpenClaw scheduler running a Codex-style GPT harness (execution) · GitHub + Actions (canonical catalog & CI) · Python/Bash generators · Claude Opus (planning & review).
A traditional catalog needs editors. ASE replaces the editorial team with an agent fleet and keeps the editorial judgment where it belongs — a human approving the few changes that are hard to reverse. The design splits cleanly along two axes:
- Plan vs. execute — Claude Opus did the architecture, the reviews, and the hard root-cause work (this very document is part of that lineage). GPT‑5.x models, running inside the OpenClaw scheduler with a Codex-style harness, do the recurring execution.
- Generate vs. verify — the agents that create content are never the agents that trust it. Verification, security tiers, and structural invariants are enforced by separate passes and deterministic gates, so a confident-but-wrong generation can't promote itself.
flowchart LR
subgraph VPS["OpenClaw VPS — GPT execution engine"]
Cron["10-cron registry<br/>(GPT-5.5 / 5.4 / 5.4-mini)"]
end
subgraph WP["WordPress host"]
Plugin["ase-marketplace-layer<br/>REST API · enrichment · manifests"]
Manifests["openclaw.json · codex.json<br/>skills.json · llms.txt"]
end
subgraph GH["GitHub — canonical catalog"]
Repo["agentskillexchange/skills<br/>SKILL.md · CATALOG · TOP-*"]
CI["validate.yml · security-scan.yml"]
end
Human(["Human approval<br/>(merges · policy · model/auth)"])
Cron -->|publish / enrich| Plugin
Plugin --> Manifests
Cron -->|render + push| Repo
Plugin -->|/browse REST| Cron
Repo --> CI
Human -.gates.-> Cron
Human -.gates.-> Repo
| # | Doc | What it covers |
|---|---|---|
| 01 | System architecture | The two execution planes + GitHub, and the invariants that bind them |
| 02 | The autonomous pipeline | The 10-cron loop: discover → intake → approve → publish → sync → verify → enrich → QA → improve → blog |
| 03 | Model strategy | Opus-as-planner / GPT-as-executor, and the judgment-vs-mechanical model split |
| 04 | Human in the loop | Propose-never-publish, fail-closed gates, and the exact list of human-approval triggers |
| 05 | Quality & trust | Security tiers, CI gates, body-quality gate, smoke tests |
| 06 | Case study: the star-attribution bug | A subtle data-integrity failure, its root cause, and the fix that superseded the workaround |
| 07 | Lessons | What generalizes to any autonomous content system |
Supporting material: diagrams/ (8 Mermaid sources — architecture, cron orchestration & schedule, discovery, approval, skill lifecycle, publish/sync sequence, star-bug) · artifacts/
(sanitized real scripts, schemas, and config) · GLOSSARY.md (terms) · FAQ.md (design Q&A) · RELATED.md (how this fits the other ASE repos).
.
├── README.md ← you are here
├── docs/ ← the case study in 7 parts (read in order)
│ └── 01-system-architecture … 07-lessons
├── diagrams/ ← standalone Mermaid sources
├── artifacts/ ← sanitized real script, schema, config, sample batch
├── GLOSSARY.md · FAQ.md · RELATED.md
└── images/
This is a case study, not a brochure — the public surfaces let you check the claims yourself:
- Live catalog & manifests:
skills.json,openclaw.json,codex.json, andllms.txtat the site root — regenerated daily, each carrying per-skill signals andverificationstatus. - Canonical catalog & CI:
agentskillexchange/skillsand itsvalidate.yml+security-scan.ymlworkflows under.github/workflows/. - Trust records: the public
verification-securityrepo backing thesecurity_reviewedtier.
This repo is written to be public-safe — and "sanitized" here doesn't mean "vague":
- Included — it's what makes the engineering legible: the architecture, the real cron schedules and model mapping, the public REST endpoint and manifest shapes, and a real, unmodified script diff.
- Excluded — a reader doesn't need it and some of it could be abused: credentials and API tokens, the hosts' real names and IPs, and recovery procedures and live runtime state (those stay in private operations docs).
The two infrastructure roles are named by function — "OpenClaw VPS" (execution) and "WordPress host" (data/product) — because their real hosts don't matter to the story.
Artifact fidelity varies, and each file states which it is:
star-guard.diff is real and unmodified; the
cron inventory is real (schedules + models) with
infrastructure abstracted; enrichment-batch.example.json
is synthetic/illustrative; and openclaw.manifest.schema.json
is derived from the public manifests. None of it is meant to be run verbatim.
Released under the MIT License © 2026 Agent Skill Exchange. Prose, diagrams, and the sanitized code excerpts are free to reuse with attribution.
