OSOP — Open Standard Operating Procedures
Universal protocol for defining, validating, risk-assessing, and executing process workflows. Works with any AI coding agent.
Capabilities
When this skill is active, the agent can:
- - Create OSOP workflow definitions from natural language
- Validate workflow YAML against the OSOP schema
- Risk Assess workflows for security issues, permission gaps, destructive commands
- Execute workflows with dry-run mode for safety
- Render workflows as Mermaid diagrams
- Optimize workflows using execution history — detect slow steps, failure hotspots
- Convert between OSOP and external formats (GitHub Actions, BPMN, Airflow)
- Report on workflow executions as standalone HTML
Sub-Skills
This pack includes 4 specialized skills:
| Skill | Command | What it does |
|---|
| INLINECODE0 | INLINECODE1 | Record a structured session log after completing work |
| INLINECODE2 |
/osop-report | Convert .osop + .osoplog.yaml to HTML report |
|
osop-review |
/osop-review | Security & risk analysis of workflows |
|
osop-optimize |
/osop-optimize | Improve workflows from execution history |
OSOP Node Types (v1.0)
16 supported node types in 4 categories:
Actors: human, agent, company, department
Technical: api, cli, db, git, docker, cicd, infra, mcp
Flow Control: system, event, gateway, �INLINECODE23
Use subtype for domain specialization (e.g., type: agent, subtype: llm).
Edge Modes
13 modes: sequential, conditional, parallel, loop, event, fallback, error, timeout, compensation, message, dataflow, signal, weighted, spawn.
Quick Start
1. Define a workflow
CODEBLOCK0
2. Review for risks
Run /osop-review deploy-staging.osop to check for security issues before execution.
3. Execute and log
After running, use /osop-log to record what happened as a structured .osoplog.yaml.
4. Generate report
Run /osop-report to create a standalone HTML report with dark mode and expandable nodes.
Session Logging
After completing multi-step tasks, this skill produces:
- -
.osop — workflow definition (what should happen) .osoplog.yaml — execution record (what actually happened)
These files can be visualized at https://osop-editor.vercel.app or converted to HTML.
Security Metadata
Nodes can declare security.risk_level (low/medium/high/critical), security.permissions, security.secrets, and approval_gate for risk analysis.
Self-Optimization Loop
- 1. Execute workflow → produce �INLINECODE50
- Aggregate stats from past runs
- Run
/osop-optimize → get improvement suggestions - Apply approved changes → execute improved workflow
- Repeat — the SOP gets better each iteration
Links
- - Spec: https://github.com/Archie0125/osop-spec
- Visual Editor: https://osop-editor.vercel.app
- Examples: https://github.com/Archie0125/osop-examples
- Website: https://osop.ai
OSOP — 开放标准操作规程
用于定义、验证、风险评估和执行流程工作流的通用协议。可与任何AI编程代理配合使用。
能力
当此技能激活时,代理可以:
- - 创建 基于自然语言的OSOP工作流定义
- 验证 工作流YAML是否符合OSOP模式
- 风险评估 工作流的安全问题、权限缺口、破坏性命令
- 执行 工作流,支持干运行模式以确保安全
- 渲染 工作流为Mermaid图表
- 优化 基于执行历史的工作流——检测慢速步骤、故障热点
- 转换 OSOP与外部格式(GitHub Actions、BPMN、Airflow)之间的互转
- 报告 工作流执行为独立HTML文件
子技能
此包包含4个专业技能:
| 技能 | 命令 | 功能 |
|---|
| osop-log | /osop-log | 完成任务后记录结构化会话日志 |
| osop-report |
/osop-report | 将.osop + .osoplog.yaml转换为HTML报告 |
| osop-review | /osop-review | 工作流的安全与风险分析 |
| osop-optimize | /osop-optimize | 根据执行历史改进工作流 |
OSOP节点类型(v1.0)
4大类共16种支持的节点类型:
执行者: human、agent、company、department
技术类: api、cli、db、git、docker、cicd、infra、mcp
流程控制: system、event、gateway、data
使用subtype进行领域专业化(例如:type: agent, subtype: llm)。
边模式
13种模式:sequential、conditional、parallel、loop、event、fallback、error、timeout、compensation、message、dataflow、signal、weighted、spawn。
快速入门
1. 定义工作流
yaml
osop_version: 1.0
id: deploy-staging
name: 部署到预发布环境
description: 构建、测试并部署到预发布环境。
version: 1.0.0
tags: [deploy, staging]
nodes:
- id: build
type: cli
name: 构建项目
description: 运行构建命令
- id: test
type: cicd
subtype: test
name: 运行测试
description: 执行测试套件
- id: deploy
type: infra
name: 部署到预发布环境
description: 推送到预发布环境
security:
risk_level: medium
approval_gate: true
edges:
- from: build
to: test
mode: sequential
- from: test
to: deploy
mode: conditional
when: tests.passed == true
2. 审查风险
在执行前运行 /osop-review deploy-staging.osop 检查安全问题。
3. 执行并记录
运行后,使用 /osop-log 将发生的事件记录为结构化的 .osoplog.yaml 文件。
4. 生成报告
运行 /osop-report 创建包含深色模式和可展开节点的独立HTML报告。
会话日志记录
完成多步骤任务后,此技能会生成:
- - .osop — 工作流定义(应该发生什么)
- .osoplog.yaml — 执行记录(实际发生了什么)
这些文件可在 https://osop-editor.vercel.app 可视化或转换为HTML。
安全元数据
节点可以声明 security.risklevel(低/中/高/严重)、security.permissions、security.secrets 和 approvalgate 用于风险分析。
自我优化循环
- 1. 执行工作流 → 生成 .osoplog
- 汇总过去运行的统计数据
- 运行 /osop-optimize → 获取改进建议
- 应用批准的更改 → 执行改进后的工作流
- 重复——SOP每次迭代都会变得更好
链接
- - 规范: https://github.com/Archie0125/osop-spec
- 可视化编辑器: https://osop-editor.vercel.app
- 示例: https://github.com/Archie0125/osop-examples
- 网站: https://osop.ai
