← Back to Skills Marketplace
475
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install jqopenclaw-node-invoker
Description
统一通过 Gateway 的 node.invoke 调用 JQOpenClawNode 能力(file.read、file.write、process.exec、process.manage、system.run、process.which、system.info、system.screenshot、syste...
README (SKILL.md)
\r \r
JQOpenClaw Node Invoker\r
\r
快速流程\r
\r
- 确定目标
nodeId(用户给定优先)。\r - 调用
node.describe检查节点在线状态,并按“节点识别规则”确认是否为 JQOpenClawNode。\r - 若命令未声明或被网关策略拦截,先输出阻断原因,再给修复建议。\r
- 按 references/command-spec.md 构造
node.invoke请求。\r - 每次调用使用新的
idempotencyKey(UUID)。\r - 输出结果时先给结论,再给关键字段,不直接堆原始 JSON。\r \r
节点识别规则\r
\r
- 先读
node.describe返回的modelIdentifier、commands、displayName、nodeId。\r - 强匹配(可直接判定为 JQOpenClawNode):\r
modelIdentifier非空,且满足以下任一条件:\r- 等于
JQOpenClawNode。\r - 以
JQOpenClawNode开头(如JQOpenClawNode(Qt/C++))。\r
- 等于
- 弱匹配(仅在
modelIdentifier为空时使用):\rcommands同时包含:file.read、file.write、process.exec、process.manage、system.run、process.which、system.info、system.screenshot、system.notify、system.clipboard、system.input、node.selfUpdate。- 且
displayName或nodeId包含JQOpenClaw。\r
- 拒绝匹配:\r
modelIdentifier明确存在但不匹配JQOpenClawNode*,即使命令集合相似也不按本技能处理。\r
- 不确定处理:\r
- 若仅满足部分条件,先明确告知“节点类型不确定”,并要求用户指定目标
nodeId或修正节点modelIdentifier后再执行。\r \r
- 若仅满足部分条件,先明确告知“节点类型不确定”,并要求用户指定目标
命令映射\r
\r
- 文件读取:
file.read - 文件写入/移动/删除/目录增删:
file.write - 进程执行(program/arguments/detached):
process.exec - 进程管理(枚举/搜索/终止):
process.manage - 远程进程执行(OpenClaw 标准参数):
system.run - 可执行命令探测:
process.which\r - 系统基础信息:
system.info\r - 屏幕截图:
system.screenshot\r - 系统弹窗:
system.notify - 系统剪贴板:
system.clipboard - 输入控制:
system.input - 节点自更新:
node.selfUpdate\r
调用规则\r
\r
- 统一使用
node.invoke。\r params必须是对象,字段类型严格匹配。\r- 节点侧仅接受
node.invoke.request.payload.paramsJSON,且paramsJSON必须解析为对象。\r paramsJSON缺失或null时按空对象处理;若存在但不是字符串、为空字符串、或解析后不是对象,按INVALID_PARAMS处理。\rfile.write必须显式传allowWrite=true才允许执行;未显式授权时应返回阻断提示。\rtimeoutMs需按任务复杂度设置:file.read/file.write:5000-30000process.exec:5000-120000(detached=false时生效)process.manage:5000-30000(kill场景应确保timeoutMs >= waitMs)system.run:5000-120000process.which:5000-15000system.info:30000\rsystem.screenshot:60000\rsystem.notify:5000-15000(仅参数校验与弹窗投递,弹窗异步展示)system.clipboard:5000-15000(读写系统剪贴板文本)system.input:5000-15000(仅参数校验与入队,动作异步执行)node.selfUpdate:30000-300000(下载+校验+脚本启动;成功后节点会退出重启)
- 调用
node.selfUpdate时,md5为必填(32 位十六进制);缺失或格式错误按INVALID_PARAMS处理。 node.invoke.timeoutMs可省略;若传入,必须为非负整数(毫秒),否则按INVALID_PARAMS处理。其中0视为立即超时。\rnode.invoke.timeoutMs会参与请求预算裁剪;当前节点会将system.run.params.timeoutMs、process.exec.params.timeoutMs(detached=false)与file.read(operation=rg)的内部超时裁剪到该预算内(取更小值)。- 即便省略
node.invoke.timeoutMs,网关/调用端仍有等待超时(当前 OpenClaw 常见默认约30000ms,CLIopenclaw nodes invoke默认15000ms)。\r - 实际可用执行时长取决于最先触发的超时层:调用端/网关等待超时、
node.invoke.timeoutMs(若传入)、能力内部超时。\r process.manage当前仅支持 Windows;非 Windows 环境调用会返回PROCESS_MANAGE_FAILED。\rprocess.manage:\roperation=list/search/kill,默认list。\rsearch必须提供query(或keyword)与pid之一。\rkill必须提供pid,可选waitMs范围[0, 30000]与force(默认true);force=false为非强杀退出请求(仅对具有顶层窗口的进程生效);waitMs当前不会被node.invoke.timeoutMs自动裁剪。kill默认拒绝终止关键进程(critical process);仅当目标 PID 为当前节点进程时允许。\r
process.exec使用program + arguments,支持detached;用于兼容历史调用方。system.run对齐 OpenClaw:仅使用command(argv 数组)、rawCommand、cwd、env、timeoutMs、needsScreenRecording。process.which支持program(单个)或programs(数组)探测;未命中返回found=false,不作为命令失败。\rfile.read支持operation=read/lines/list/rg/stat/md5。大文件建议使用read + offsetBytes + maxBytes分块读取(maxBytes上限2097152);按行区间读取使用lines + startLine/endLine;目录遍历可用list + recursive + glob;元信息查询使用stat;文件指纹可用md5。file.write默认禁用;需显式allowWrite=true。开启后默认operation=write;移动用operation=move(配destinationPath/toPath);删除用operation=delete(走回收站删除);目录创建用operation=mkdir;目录删除用operation=rmdir。\r \r
网关阻断处理\r
\r
command not allowlisted:- 说明这是 Gateway 策略拦截。
- 提示管理员在 Gateway 配置添加
gateway.nodes.allowCommands(如file.read、file.write、process.exec、process.manage、system.run、process.which、system.notify、system.clipboard、system.input、node.selfUpdate)。
command not declared by node/node did not declare commands:\r- 先看
node.describe.commands。\r - 要求节点端先声明命令再调用。\r \r
- 先看
错误处理规范\r
\r
INVALID_PARAMS:参数缺失、类型不匹配或超出范围(含file.read/file.write/process.exec/process.manage/system.run/process.which/system.notify/system.clipboard/system.input/node.selfUpdate的参数校验失败,例如node.selfUpdate缺失必填md5)。指出具体字段问题并给出可直接重试的参数。TIMEOUT:可能为网关等待超时,或显式传入timeoutMs=0触发立即超时。建议增大timeoutMs或缩小任务范围。\rFILE_READ_FAILED/FILE_WRITE_FAILED:用于非参数类失败。输出失败原因并给路径、权限、目录存在性、回收站可用性等排查建议。\rPROCESS_MANAGE_FAILED:用于非参数类失败(目标进程不存在、权限不足、非 Windows 平台、命中关键进程保护、终止或等待过程失败)。输出节点返回错误并给 PID、权限、平台和进程存活状态排查建议。PROCESS_EXEC_FAILED:用于process.exec的非参数类失败(程序不存在、权限不足、启动失败等无法产出结构化执行结果)。输出节点返回错误并给program、workingDirectory、权限排查建议。SYSTEM_RUN_FAILED:用于system.run的非参数类失败(命令非法、程序不存在、权限不足、启动失败等无法产出结构化执行结果)。输出节点返回错误并给command、cwd、权限、目标进程状态排查建议。PROCESS_WHICH_FAILED:用于非参数类失败(探测流程内部异常)。输出节点返回错误并建议重试或检查节点日志。\rSYSTEM_INFO_FAILED:系统信息采集失败。建议检查节点系统命令可用性与权限。\rSCREENSHOT_CAPTURE_FAILED/SCREENSHOT_UPLOAD_FAILED:截图采集或上传失败。建议检查显示环境、file-server-uri、file-server-token与网络连通性。\rSYSTEM_INPUT_FAILED:system.input投递或平台能力失败。建议检查平台是否为 Windows、线程池状态与节点日志。SYSTEM_NOTIFY_FAILED:system.notify投递失败。建议检查应用实例状态与 UI 线程分发日志。SYSTEM_CLIPBOARD_FAILED:system.clipboard执行失败。建议检查节点应用实例、图形环境与剪贴板访问能力。NODE_SELF_UPDATE_FAILED:node.selfUpdate执行失败(下载失败、HTTP 状态异常、落盘失败、脚本启动失败等)。建议检查下载地址可达性、磁盘空间与杀毒拦截。NODE_SELF_UPDATE_MD5_MISMATCH:node.selfUpdate下载成功但 MD5 校验不匹配。建议核对必填md5与发布包内容。COMMAND_NOT_SUPPORTED:改用已声明命令或升级节点版本。 \r
输出规范\r
\r
- 成功时:
- 先一句话结论。
- 再列关键字段(例如
bytesWritten、exitCode、timedOut、url)。 - 对
process.manage,优先展示operation、pid、returnedCount/totalMatched、waitResult、resultClass等字段。 - 对
system.run/process.exec,若timedOut=true或resultClass=timeout,按“命令超时”给出失败结论与重试建议(即使node.invoke本身返回成功结构)。
- 失败时:\r
- 先给
error.code、error.message。\r - 再给一条可执行的下一步操作。\r \r
- 先给
安全边界\r
\r
file.write、process.exec、process.manage、system.run与process.which默认按最小必要原则执行。- 对可能破坏状态的操作(删除、覆盖、重置、停服务、终止进程)先征得用户明确确认。\r
- 不自行提升权限,不绕过网关策略。\r \r
system.notify\r
\r
- 命令名:
system.notify\r - 用途:弹出系统消息提示框。\r
- 参数:\r
message:必填字符串,非空,长度范围[1, 4000]\rtitle:可选字符串,默认JQOpenClaw,长度上限120\r
- 返回字段:
operation=notify、title、message、shown=true、async=true、ok=true\r - 错误处理:\r
- 参数错误返回
INVALID_PARAMS\r - 投递失败返回
SYSTEM_NOTIFY_FAILED\r \r
- 参数错误返回
system.clipboard\r
\r
- 命令名:
system.clipboard\r - 用途:读取当前系统剪贴板文本,或写入文本到系统剪贴板。\r
- 参数:\r
operation:可选字符串,read|write,默认read\rtext:当operation=write时必填字符串\r
- 返回字段(
operation=read):operation=read、text、length、hasText、ok=true\r - 返回字段(
operation=write):operation=write、written=true、length、hasText、ok=true\r - 错误处理:\r
- 参数错误返回
INVALID_PARAMS\r - 执行失败返回
SYSTEM_CLIPBOARD_FAILED\r \r
- 参数错误返回
system.input\r
\r
- 命令名:
system.input\r - 用途:按顺序执行输入动作数组,支持鼠标、键盘和延迟混排。\r
- 执行语义:参数校验通过后异步入队;
node.invoke立即返回。\r - 调度策略:latest-wins。若新请求到达,会取消旧请求尚未完成的剩余动作;已执行动作不会回滚。\r
- 使用建议:
keyboard.down/keyboard.up尽量在同一请求内闭合配对,或优先使用keyboard.tap。\r - 入参要求:\r
params.actions必须为数组,长度[1, 1000]\r- 每个动作对象必须包含
type\r - 支持
mouse.move、mouse.click、mouse.scroll、mouse.drag、keyboard.down、keyboard.up、keyboard.tap、keyboard.text、delay\r
- 关键校验:\r
mouse.move.mode:absolute|relative\rmouse.click.button:left|right\rmouse.scroll:delta或deltaY二选一必填,可选deltaX\rmouse.drag:mode=absolute|relative,可选button=left|right\rkeyboard.text.text:非空字符串\rdelay.ms:[0, 60000]\r
- 错误处理:\r
- 参数错误返回
INVALID_PARAMS\r - 投递失败返回
SYSTEM_INPUT_FAILED\r \r
- 参数错误返回
参考\r
\r
Usage Guidance
This skill is internally consistent: it documents how to call node.invoke and how to validate nodes and params for a JQOpenClawNode. Before installing, consider: (1) the invoker enables powerful remote actions (file read/write, process kill, input control, screenshots, node.selfUpdate) — only allow it if you trust the agent and the target nodes; (2) require explicit user confirmation before executing write/kill/selfUpdate actions or make sure gateway policies and allowlists are strict; (3) verify node identity via node.describe (modelIdentifier/commands/displayName) as the skill prescribes; (4) be aware that screenshot/upload flows may rely on external file-server URIs/tokens (not requested here) — confirm those are handled securely. No evidence of unrelated credential requests or hidden network endpoints was found.
Capability Analysis
Type: OpenClaw Skill
Name: jqopenclaw-node-invoker
Version: 26.3.9
The skill bundle 'jqopenclaw-node-invoker' provides a comprehensive remote administration interface with high-risk capabilities including arbitrary command execution (system.run, process.exec), full file system access (file.read, file.write), input simulation (system.input), and a self-update mechanism (node.selfUpdate) that fetches and executes remote payloads. While SKILL.md and references/command-spec.md include safety guidelines such as MD5 verification and user confirmation for destructive actions, the bundle essentially functions as a full-featured Remote Access Trojan (RAT) framework, providing all the primitives necessary for data exfiltration, persistence, and unauthorized system control if the AI agent is targeted by prompt injection.
Capability Assessment
Purpose & Capability
Name and description claim a generic invoker for JQOpenClawNode commands (file.*, process.*, system.*, node.selfUpdate, etc.) and the SKILL.md exclusively documents constructing and validating node.invoke requests for those exact commands — the requested capabilities match the stated purpose and no unrelated credentials/binaries/install steps are required.
Instruction Scope
Instructions are detailed and narrowly prescribe using node.describe and node.invoke with strict parameter validation and error handling. This stays within the skill's purpose. Note: the documented commands allow very powerful remote operations (file read/write, process management, input control, screenshots, node.selfUpdate). That power is expected for this invoker but is sensitive — callers should verify node identity and gateway allowlist decisions before invocation.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or downloaded. This minimizes supply-chain risk and is proportional to an invoker skill.
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md does reference gateway configuration keys and file-server tokens in failure messages, but it does not request them — this is proportionate to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent system modifications or cross-skill config writes. Autonomous invocation (disable-model-invocation = false) is the platform default; combined with the skill's broad remote capabilities this increases potential impact, but it is coherent with an invoker skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install jqopenclaw-node-invoker - After installation, invoke the skill by name or use
/jqopenclaw-node-invoker - Provide required inputs per the skill's parameter spec and get structured output
Version History
v26.3.9
- 新增对 process.exec 的支持,完善进程执行能力及参数校验。
- 节点识别和命令映射全面切换为 process.exec(原 process.manage 仅用于管理,执行使用 exec)。
- system.run 仅保留 OpenClaw 标准参数,process.exec 用于 program/arguments/detached 场景。
- node.selfUpdate 增加必填 md5 校验,缺失或格式错误会报 INVALID_PARAMS。
- 明确各命令 timeoutMs 推荐值,并区分 process.exec / system.run 场景。
- 命令声明、错误处理、输出规范均据此同步完善。
v26.3.6
- 替换了原有的 process.exec 能力为 system.run。
- 命令映射和节点识别规则均已调整,process.exec 相关内容被 system.run 取代。
- system.run 支持 command(argv 数组)和 program+arguments 模式,并支持更多执行参数。
- 错误处理新增 SYSTEM_RUN_FAILED,相关流程跟随 system.run 能力变化。
- SKILL.md 文档内容同步更新,CLI 或接口调用需采用新的命令名 system.run。
v26.3.5
- 新增 node.selfUpdate 支持,包含节点自更新命令描述、规则、错误码等。
- 命令映射、节点识别规则、网关策略说明、错误处理均补充 node.selfUpdate 相关内容。
- file.read 命令新增对 md5 操作的说明。
- 调用超时、参数校验、返回值、失败场景等细节同步 node.selfUpdate 及 md5 支持。
v1.0.1
**Summary: Expanded command coverage and updated specifications for increased capability.**
- Added support and invocation rules for new commands: process.manage, process.which, system.notify, system.clipboard, system.input (covering process management, system notifications, clipboard access, and input control).
- Updated “节点识别规则” and command mapping to require/reflect the new command set.
- Expanded “调用规则” and error handling to include all newly added commands, with clarified parameter and platform-specific restrictions (e.g., process.manage only supports Windows).
- Outlined specific sections detailing usage, parameters, and error responses for system.notify, system.clipboard, and system.input.
- Updated security and output guidelines for broader scenarios (process control, destructive actions, etc.).
- Revised gateway policy recommendations for wider command allowlisting.
v1.0.0
Initial release of jqopenclaw-node-invoker.
- Provides standardized invocation of JQOpenClawNode capabilities (file read/write, process execution, system info, screenshot) via Gateway's node.invoke.
- Enforces detailed node identification and command mapping rules to ensure accurate targeting.
- Implements robust error handling and outputs clear, actionable results and troubleshooting suggestions.
- Ensures strict parameter validation and outlines security boundaries for file operations and process execution.
- Includes guidance for handling Gateway policy blocks and undeclared commands.
Metadata
Frequently Asked Questions
What is JQOpenClawNode skill?
统一通过 Gateway 的 node.invoke 调用 JQOpenClawNode 能力(file.read、file.write、process.exec、process.manage、system.run、process.which、system.info、system.screenshot、syste... It is an AI Agent Skill for Claude Code / OpenClaw, with 475 downloads so far.
How do I install JQOpenClawNode skill?
Run "/install jqopenclaw-node-invoker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is JQOpenClawNode skill free?
Yes, JQOpenClawNode skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does JQOpenClawNode skill support?
JQOpenClawNode skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created JQOpenClawNode skill?
It is built and maintained by Jason (@188080501); the current version is v26.3.9.
More Skills