← Back to Skills Marketplace
Skill Risk Splitter
by
vx:17605205782
· GitHub ↗
· v1.0.0
· MIT-0
160
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install skill-risk-splitter
Description
把职责过杂的 Skill 拆成安全版、增强版或多子 Skill,降低扫描和维护风险。;use for skills, refactor, risk workflows;do not use for 为了拆分而失去清晰定位, 隐藏高风险行为.
Usage Guidance
该 Skill 是一个本地审计/拆分辅助工具,整体内聚且与其描述一致。建议在安装/使用前:
- 以 --dry-run 先运行脚本并检查输出,确认行为符合预期。
- 不要把 --input 指向根目录、用户主目录或包含凭据/密钥的目录;仅对要分析的 Skill 代码目录或去敏感化的样本运行。
- 快速人工审查 scripts/run.py(已随包提供),确认没有不期望的网络调用或外部执行逻辑(当前代码仅做文件读取、文本分析与报告生成)。
- 如果你不希望代理自动在背景中调用该 Skill,可在代理配置中禁用其自动调用权限或仅在需要时手动调用。
Capability Analysis
Type: OpenClaw Skill
Name: skill-risk-splitter
Version: 1.0.0
The skill-risk-splitter bundle is a utility designed to help users refactor complex or high-risk skills into smaller, safer components. The core logic in scripts/run.py functions as a static analysis tool that scans directories or files for specific patterns, including security risks like 'curl|bash' pipes, dangerous 'rm' commands, and hardcoded secrets. The script only performs read and write operations on local files as directed by the user and lacks any network communication, obfuscation, or unauthorized execution capabilities. The instructions in SKILL.md are strictly aligned with its stated purpose of risk assessment and architectural governance.
Capability Assessment
Purpose & Capability
名称、描述与实际内容一致:目标是把职责过杂的 Skill 拆分并产出可审阅的结构化草案。唯一运行时要求是 python3,仓内包含 scripts/run.py、resources 模板与 spec.json,都是为该目的所需。
Instruction Scope
SKILL.md 明确要求先产出可审阅草案并在缺信息时列出待确认项。运行脚本会读取用户提供的输入(文件或目录)、扫描文件内容并基于模板生成报告。可注意点:脚本会读取传入目录下的任意文本文件并生成报告——这是审计工具的预期行为,但用户应避免将其指向包含敏感凭据或私有数据的目录。脚本明确未包含远程写入/执行网络命令的步骤,也不隐式访问未声明的环境变量。
Install Mechanism
这是 instruction-only + included Python script 的组合,没有 install spec、无外部下载或第三方包需求,仅依赖系统的 python3 与标准库,风险较低。
Credentials
不请求任何环境变量、凭据或配置路径;唯一二进制依赖是 python3,与其用途直接相关且成比例。
Persistence & Privilege
always 为 false,未请求常驻或修改其他技能/系统配置。默认允许模型调用(平台默认),单凭此项不构成风险;结合其它维度也没有发现滥用权限的证据。
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-risk-splitter - After installation, invoke the skill by name or use
/skill-risk-splitter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of skill-risk-splitter.
- Provides a tool to split overly complex skills into safer, enhanced, or multiple sub-skills to reduce scanning and maintenance risks.
- Designed with clear rules for task intake, risk identification, and splitting recommendations.
- Output is structured with focus on responsibilities, risk sources, split plan, migration advice, compatibility, and priorities.
- Emphasizes safety: does not allow high-risk operations by default and always provides clear boundaries.
- Includes local resources and templates for standardizing outputs and testing.
Metadata
Frequently Asked Questions
What is Skill Risk Splitter?
把职责过杂的 Skill 拆成安全版、增强版或多子 Skill,降低扫描和维护风险。;use for skills, refactor, risk workflows;do not use for 为了拆分而失去清晰定位, 隐藏高风险行为. It is an AI Agent Skill for Claude Code / OpenClaw, with 160 downloads so far.
How do I install Skill Risk Splitter?
Run "/install skill-risk-splitter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Risk Splitter free?
Yes, Skill Risk Splitter is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skill Risk Splitter support?
Skill Risk Splitter is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).
Who created Skill Risk Splitter?
It is built and maintained by vx:17605205782 (@52yuanchangxing); the current version is v1.0.0.
More Skills