← Back to Skills Marketplace
104
Downloads
0
Stars
0
Active Installs
8
Versions
Install in OpenClaw
/install omg
Description
反蒸馏被动检测与告警技能 - 监控请求模式,检测潜在的知识蒸馏行为并告警操作者。仅被动检测,不修改任何响应内容。
Usage Guidance
This skill's purpose (passive detection of distillation-style request patterns and alerting the operator) is reasonable and the instruction-only format keeps install risk low. Before installing: (1) resolve the inconsistency between the platform/registry metadata and the SKILL.md about autonomous invocation and required env vars — confirm the platform will honor disable_model_invocation: true if you require no autonomous runs; (2) confirm exactly which metadata fields the platform supplies (are prompts actually hashed? what salt/algorithm is used?) because 'prompt_hash' may be reversible for short prompts; (3) avoid configuring webhook or email endpoints you don't fully control or trust — alerts could leak aggregate metadata off-platform; (4) request a test run in a non-production environment and inspect the exact alert payloads and logs to ensure no message bodies or identity fields are being included; (5) if you accept the skill, prefer default 'log' channel (local audit log) over external channels and limit alert recipients. If you need further analysis, provide the platform's permissions model and which of the declared metadata fields it actually supplies so I can reassess.
Capability Analysis
Type: OpenClaw Skill
Name: omg
Version: 1.0.8
The 'anti-distillation' skill is a passive monitoring tool designed to detect and alert operators to potential knowledge distillation attempts. It requests appropriate permissions (request_metadata_read and alert_send) and uses environment variables for optional alerting via webhooks or SMTP. While the SKILL.md contains unprofessional and aggressive language in its appendix directed at 'distillers,' the core instructions to the AI agent emphasize passive detection without modifying responses or taking automated actions, showing no evidence of malicious intent or unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
Name and description (anti-distillation, passive detection + alerting) align with the declared runtime behavior: read-only request metadata analysis and operator alerts. Requested permissions in SKILL.md (request_metadata_read, alert_send) are appropriate for this purpose. No unnecessary binaries or unrelated credentials are demanded in the instructions.
Instruction Scope
SKILL.md describes only reading metadata fields (timestamps, prompt_hash, request_count, parameter_signature, etc.) and explicitly excludes identity and body fields. However: (1) the outer registry metadata provided with this evaluation lists no required env vars and shows disable-model-invocation=false, while SKILL.md lists optional env vars for webhooks/SMTP and sets disable_model_invocation: true — this is an inconsistency about what the runtime will actually do; (2) the promise to 'never read' identity/request bodies is a behavioral assertion the skill cannot independently enforce — it depends on the platform providing only the listed fields; (3) prompt_hash and other metadata can still be sensitive (hashes may be reversible or linkable by brute force), so the claimed privacy guarantees are partly dependent on platform implementation and hashing strength.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk (nothing is written to disk by the skill).
Credentials
SKILL.md declares optional environment variables only for non-default alert channels (webhook URL, SMTP host and credentials, recipient). These are plausible for alert delivery, and SMTP_CREDENTIALS are marked as secret. However, the outer metadata reported 'Required env vars: none' which conflicts with SKILL.md's optional env settings. If a webhook or SMTP is configured, metadata or aggregated alerts could be transmitted off-platform, creating an exfiltration risk of request-pattern metadata; users should ensure they trust the alert endpoint and validate what fields are included in alerts.
Persistence & Privilege
SKILL.md sets autonomous: false and disable_model_invocation: true (no autonomous invocation), and always: false — but the registry metadata supplied with the evaluation indicates disable-model-invocation: false (default). This mismatch is material: if the platform honors the registry rather than the SKILL.md, the skill could be invoked autonomously. While the skill claims only passive detection, autonomous invocation combined with external alert channels increases blast radius. There is no request to modify other skills or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install omg - After installation, invoke the skill by name or use
/omg - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.8
Version 1.0.8 Changelog
- Added `disable_model_invocation: true` to explicitly prevent model calls.
- Introduced a `requires_env` section to specify required environment variables when using webhook or email alert channels.
- Expanded documentation on precisely which request metadata fields may be accessed, and clarified which data is strictly excluded for privacy.
- Detailed alert channel credentials/environment requirements and enforced usage of secure secret storage for sensitive configurations.
- No logic, detection, or permission scope changes outside of SKILL.md documentation/config refactor.
v1.0.7
No file or documentation changes detected for omg 1.0.7.
- No changes included in this version.
- Behavior and functionality remain the same as the previous release.
v1.0.6
**Version 2.0.0 — Major Update: Anti-distillation skill is now passive and non-intrusive.**
- Skill now focuses solely on passive detection and alerting suspicious knowledge distillation attempts.
- All active countermeasures (e.g., response modification, data poisoning, watermarks, confusion) are permanently removed.
- Only monitors request metadata and patterns; never accesses response content or user identity.
- Sends structured alerts to operators upon detection, leaving all action/mitigation to human operators.
- Detection sensitivity and alert settings are fully configurable; no automated enforcement or blacklisting.
- Updated permissions: strictly request metadata read and operator alert send only.
v1.0.5
Version 1.0.5 Changelog
- Updated the skill description in SKILL.md (added playful language and a dog emoji).
- No changes to logic, features, or code—documentation only.
v1.0.4
- License changed from WTFPL to MIT for broader compatibility.
- Added the "always: false" field to SKILL.md for explicit runtime behavior.
- Tag list updated: replaced "counter-attack" and "watermark" with "defense" and "ai-safety".
- Price and description field formatting improved and made more concise.
- Minor wording and formatting cleanups for clarity and consistency.
v1.0.3
- Added a structured YAML front matter to SKILL.md with metadata (name, version, description, author, license, platforms, tags, price).
- No changes to the technical or narrative content of the skill itself.
- Improves compatibility with various platforms by clearly defining skill metadata at the top of the file.
v1.0.2
- Major update: SKILL.md fully replaced with a new, satirical "Anti-Distillation" manifesto and specification.
- Original detailed documentation for the "水源社区" (SJTU Discourse forum) was removed.
- New skill concept: Responds humorously and aggressively to knowledge distillation and model-stealing attempts.
- Adds multi-layer fictional defense mechanisms: chaos wall, phantom clones, cognitive traps, and linguistic watermarking.
- Includes scenario examples, achievement system, and playful declarations targeting would-be model distillers.
- All prior technical content and guides for the original skill are superseded by this creative rewrite.
v1.0.1
- Added detailed multi-level usage guide for 水源社区 (shuiyuan.sjtu.edu.cn), covering browsing, interaction, advanced features, and technical details.
- Introduced progressive disclosure: from basic browsing (no login) to advanced technical/API reference.
- Explained forum structure, key navigation, notification system, and search/filter capabilities.
- Documented cookies, browser APIs, and main Discourse API endpoints.
- Included a quick reference card for frequently used actions and navigation.
Metadata
Frequently Asked Questions
What is omg?
反蒸馏被动检测与告警技能 - 监控请求模式,检测潜在的知识蒸馏行为并告警操作者。仅被动检测,不修改任何响应内容。 It is an AI Agent Skill for Claude Code / OpenClaw, with 104 downloads so far.
How do I install omg?
Run "/install omg" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is omg free?
Yes, omg is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does omg support?
omg is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created omg?
It is built and maintained by enoyao (@wscats); the current version is v1.0.8.
More Skills