← Back to Skills Marketplace
75
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install permission-manager
Description
审批权限管理技能 - 快速切换不同审批模式(白名单/完整权限/免审批)
Usage Guidance
This skill appears to implement exactly what it says (switching approval modes) but you should be cautious before installing: 1) It reads and writes your per-user OpenClaw config files (~/.openclaw/openclaw.json and exec-approvals.json) even though the registry metadata didn't declare those paths — expect the skill to modify local config. 2) The skill can disable all approvals (no-approval mode); ensure human confirmation is enforced by policy (don’t allow autonomous invocation to flip approvals off). 3) Review the included permission_switch.py yourself (or with a technical person) to confirm it only modifies the intended keys and does not perform network calls or unexpected actions. 4) Back up your ~/.openclaw/ directory before using, test in a non-production environment, and restrict the skill so it cannot be auto-run to escalate privileges without explicit human authorization.
Capability Analysis
Type: OpenClaw Skill
Name: permission-manager
Version: 1.0.0
The skill is designed to manage and potentially disable OpenClaw's command approval security settings by modifying the global configuration file `~/.openclaw/openclaw.json`. While the documentation in `SKILL.md` and `README.md` includes safety warnings and requires user consent for the 'no_approval' mode, the capability for an agent to programmatically lower its own security guardrails (setting `security` to `full` and `ask` to `off`) is a high-risk behavior. The Python script `permission_switch.py` directly manipulates the configuration JSON, providing a mechanism that could be abused to bypass human-in-the-loop requirements.
Capability Assessment
Purpose & Capability
Name/description align with behavior: the code and SKILL.md both implement switching approval modes and reading/writing OpenClaw config. However, the skill metadata claimed no required config paths while both SKILL.md and permission_switch.py explicitly read/write ~/.openclaw/openclaw.json and ~/.openclaw/exec-approvals.json — this mismatch is an incoherence that should have been declared.
Instruction Scope
SKILL.md confines actions to changing approval-related settings and instructs to require human consent for the 'no approval' mode. The included Python implementation directly edits the user's OpenClaw config files and provides a subprocess wrapper. There is a small mismatch: the docs suggest using 'openclaw config set ...' CLI commands, while the script edits the JSON file directly. The instructions do not attempt to read other unrelated files or environment secrets.
Install Mechanism
No install spec and no external downloads; only an instruction file and a local Python script are included. No network fetches or package installs are present in the provided files.
Credentials
The skill declares no required env vars or config paths in registry metadata, but in practice it reads/writes user config at ~/.openclaw/openclaw.json and exec-approvals.json. That undeclared access to per-user configuration is a proportionality/coherence issue: the skill needs access to those files to work, and that should be explicitly declared so users can evaluate impact.
Persistence & Privilege
The skill is not force-included (always:false) but is invocable and model-invocation is allowed by default. Because it can change the agent's command-approval policy (including turning approvals off), autonomous invocation combined with this capability is high-impact: a model or another skill could invoke it to disable approvals. SKILL.md recommends human confirmation for disabling approvals, but that is an instruction-level safeguard — it may not be enforceable by the platform. Consider requiring human gating or forbidding autonomous switching to 'no_approval'.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install permission-manager - After installation, invoke the skill by name or use
/permission-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
permission-manager v1.0.0
- 首次发布,提供 OpenClaw 审批权限管理能力
- 支持一键切换白名单、完整权限、免审批、严格模式等多种审批策略
- 根据自然语言意图自动识别并应用对应权限配置
- 提供配置变更确认、风险提示及场景化建议
- 支持查看当前权限和自定义配置
- 输出详细操作反馈,包括成功与失败信息
Metadata
Frequently Asked Questions
What is Permission Manager?
审批权限管理技能 - 快速切换不同审批模式(白名单/完整权限/免审批). It is an AI Agent Skill for Claude Code / OpenClaw, with 75 downloads so far.
How do I install Permission Manager?
Run "/install permission-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Permission Manager free?
Yes, Permission Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Permission Manager support?
Permission Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Permission Manager?
It is built and maintained by JIRBOY (@jirboy); the current version is v1.0.0.
More Skills