← Back to Skills Marketplace
512
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install skill-operator
Description
Manage installed skills with a web UI for visualization, backup-backed uninstall, updates via git, and AI-powered evolution with rollback support.
Usage Guidance
Do not install this into a production or internet-connected environment yet. Key issues to resolve before trusting it: (1) The registry listing claims a completely different purpose (Skill Operator) than the shipped code (AgentComm). Ask the publisher to explain and provide a trusted source/homepage. (2) The code auto-installs Python packages at runtime (pip install), which modifies your environment; prefer an explicit, reviewed install step. (3) The skill will open an HTTP server on 0.0.0.0 and actively scan the local subnet (requests to many LAN IPs) and upload files to IPFS/public relays — run only in an isolated VM or sandbox if you want to test. (4) The skill can use or generate a Nostr private key (nsec) — treat that as a secret and do not import any real/production keys until you audit the code. Recommended actions: verify source (git repo/homepage), ask the author why metadata is mismatched, review full source (especially the truncated upload code paths), run in an isolated environment, and consider network segmentation/firewalling to limit LAN exposure.
Capability Analysis
Type: OpenClaw Skill
Name: skill-operator
Version: 1.0.1
The skill is classified as suspicious due to several critical security vulnerabilities, not intentional malice. The `LANServer` (in `agent_comm.py`) and `LANMessageHandler` (in `nostr_comm.py`) expose an unauthenticated `/messages` endpoint on the local network, allowing any device on the LAN to read all messages received by the agent. More critically, `nostr_comm.py`'s `IPFSHandler.download_file` function writes to a user-controlled `output_path` without sanitization, creating an arbitrary file write vulnerability that could lead to directory traversal or overwriting system files. Additionally, both Python files use `subprocess.run` to install dependencies, which is a general security risk. These flaws could be exploited to compromise the agent or disclose sensitive information.
Capability Assessment
Purpose & Capability
Registry metadata (name: 'Skill Operator', description: managing installed skills, web UI, backups, git updates, rollback) does not match the included SKILL.md, README, and code, which implement 'AgentComm' (Nostr + LAN messaging, IPFS file sharing). This is a substantive mismatch — a skill-op manager would not need Nostr/zeroconf/IPFS code. The mismatch could be an accidental packaging error or intentional mislabeling; either way it is incoherent.
Instruction Scope
The SKILL.md and README instruct generating keypairs, starting an HTTP server listening on 0.0.0.0:8765, advertising with mDNS, discovering peers on the LAN, sending files to IPFS, and messaging via Nostr relays. The included code implements these behaviors and additionally: (a) auto-installs Python packages at import time (subprocess pip install), (b) actively scans the local subnet by issuing HTTP requests to every .1-.254 address, and (c) will accept POSTed messages and files over the network. These runtime actions go beyond simple 'helper' tools and require explicit user consent and network consideration. The SKILL.md does not clearly call out the active LAN scanning behavior (it promises discovery but the code uses an aggressive scan), nor does the registry metadata warn about these network operations.
Install Mechanism
No formal install spec is declared, but the code performs runtime installation: multiple files attempt to pip-install dependencies (nostr, zeroconf) via subprocess.run when imports fail. That means network retrieval and package installation will occur automatically when the skill is imported/executed. This is higher-risk than a pure instruction-only skill because it writes to the environment and fetches code from PyPI without an explicit install step.
Credentials
Registry metadata lists no required env vars, but README mentions optional/expected envs (NOSTR_PRIVATE_KEY, NOSTR_RELAYS, IPFS_API_URL). The code will generate and use a private key (nsec) and can accept a private key from environment — this is a sensitive secret. The skill requests ability to listen on a network port and access the network and filesystem (for reading files to upload). Those privileges are consistent with a comms/file-share skill but they were not declared in registry metadata, and asking for a private key (nsec) should be highlighted as sensitive.
Persistence & Privilege
always:false (normal). The skill will start a persistent LAN HTTP server (0.0.0.0:8765), advertise via mDNS, and run background threads. That gives it a continuous network presence on the LAN while enabled. This behavior is plausible for a communication skill, but it increases blast radius — if you install it trustworthily, consider running in a restricted environment or ensuring only trusted LAN peers can reach the port.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-operator - After installation, invoke the skill by name or use
/skill-operator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
AgentComm 1.0.1 introduces decentralized agent communication with dual Internet (Nostr) and LAN modes.
- Added two new modules: `agent_comm.py` and `nostr_comm.py`, providing internet (Nostr) and local network agent messaging capabilities.
- Added `requirements.txt` specifying dependencies: Python 3.9+, `nostr`, `zeroconf`, and `requests`.
- Removed legacy files: `_meta.json` and `skill_operator.py`.
- Replaced the skill's focus from skill management to agent-to-agent encrypted messaging and file sharing, supporting both decentralized (Nostr) and LAN communication.
- Updated documentation to reflect the new AgentComm features, commands, and requirements.
v1.0.0
Initial release of skill-operator.
- Visual skill management tool with modern web UI for managing installed skills.
- Features include listing, uninstalling, updating, and evolving skills, with all actions backed up for safety.
- Supports one-click rollback from automatic backups.
- Includes RESTful API for integrations and automation.
- Requires Python 3.7+ and OpenClaw environment.
Metadata
Frequently Asked Questions
What is Skill Operator?
Manage installed skills with a web UI for visualization, backup-backed uninstall, updates via git, and AI-powered evolution with rollback support. It is an AI Agent Skill for Claude Code / OpenClaw, with 512 downloads so far.
How do I install Skill Operator?
Run "/install skill-operator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Operator free?
Yes, Skill Operator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Operator support?
Skill Operator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Operator?
It is built and maintained by rbbcarl (@rbbcarl); the current version is v1.0.1.
More Skills