← Back to Skills Marketplace
640
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install black-box
Description
Indestructible audit logs for agent actions, stored in TiDB Zero.
README (SKILL.md)
Black Box (Powered by TiDB Zero)
Overview
Black Box is an indestructible audit log for AI Agents. It acts as a "Flight Data Recorder" that streams critical actions, errors, and reasoning chains to a persistent cloud database (TiDB Zero) in real-time.
Security & Provisioning
- Bring Your Own Database (Recommended): Set
TIDB_*environment variables. - Auto-Provisioning (Fallback): If no credentials are found, this skill uses the TiDB Zero API to create a temporary database for logging. The connection string is cached in
~/.openclaw_black_box_dsn.
Why use this?
- Crash Survival: Local logs vanish when containers crash. Cloud logs persist.
- Audit Trail: Prove exactly what your agent did and why (compliance).
- Debugging: Retrieve the last 100 actions leading up to a failure.
Prerequisites
- TiDB Credentials: Standard MySQL connection parameters (
TIDB_HOST,TIDB_USER, etc.). - Network: Outbound access to TiDB Cloud (port 4000).
Usage
1. Log an Event
Record a critical action or error:
python {baseDir}/run.py --action log --level ERROR --message "System crash imminent: Memory leak detected"
2. Read Logs
Retrieve the last N logs (default: 10):
python {baseDir}/run.py --action read --limit 20
Schema
This skill creates a table agent_logs with columns: timestamp, level, message, metadata (JSON).
Usage Guidance
This skill is coherent with remote audit logging, but you should not install it without consideration: it will transmit agent actions to an external TiDB service and persist a DSN file (~/.openclaw_black_box_dsn) that may contain credentials. Verify you trust the TiDB provider (zero.tidbapi.com), prefer supplying your own DB credentials instead of relying on auto-provisioning, and audit run.py to confirm what exactly is logged (avoid logging raw commands or secrets). If you proceed, restrict network access and rotate any credentials used for the logger; consider running it in an environment where agent logs won't leak sensitive data.
Capability Analysis
Type: OpenClaw Skill
Name: black-box
Version: 1.0.0
The skill is classified as suspicious due to a critical security vulnerability in `run.py`. Despite a comment stating 'Security Fix: Use standard SSL', the `pymysql.connect` calls do not explicitly enable or enforce SSL/TLS, meaning database credentials and sensitive log data could be transmitted in plaintext or without proper encryption, making it vulnerable to eavesdropping. Additionally, the database connection string (DSN), which may contain credentials, is cached in a plain text file `~/.openclaw_black_box_dsn`, posing a risk if the local system is compromised. While the skill's stated purpose is legitimate logging and it uses safe practices like parameterized queries, the lack of secure transport for database connections is a significant flaw.
Capability Assessment
Purpose & Capability
The declared requirements (TiDB env vars, python3, curl) and included code align with a remote audit-logging purpose. Small mismatches exist: SKILL.md mentions a table named `agent_logs` while the code and DESIGN.md use `flight_recorder`/`flight_recorder` schema. Otherwise the required pieces are proportionate to the stated goal.
Instruction Scope
The SKILL.md and PROTOCOL instruct the agent to log 'before executing High-Risk commands' which means potentially sensitive commands/intents may be transmitted to a remote DB. The runtime code writes/reads a DSN from ~/.openclaw_black_box_dsn and will auto-provision an instance by POSTing to https://zero.tidbapi.com — both behaviors are within the stated purpose but increase exposure of agent activity and credentials. Also the SKILL.md/schema name mismatch is an incoherence to note.
Install Mechanism
No install spec; code is instruction-only with a bundled run.py and a simple external dependency (pymysql) listed. The script uses curl to contact a third-party API (tidbapi.com) but does not download or execute arbitrary archives. Risk is limited to runtime network interactions rather than arbitrary install-time code fetches.
Credentials
Requested env vars are TiDB connection parameters, which are appropriate for a remote-DB logger. However, the skill caches a connection string to ~/.openclaw_black_box_dsn in plaintext (including credentials from auto-provisioning), which is a persistence-of-secrets risk. Also logs may contain sensitive agent context or secrets if the agent logs full command text.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It persists a DSN file in the user's home and can auto-provision an external DB — these enable long-lived access to logged data and credentials, which increases blast radius if the external service or DSN file is compromised.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install black-box - After installation, invoke the skill by name or use
/black-box - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
v1.0.0: Official release
v0.0.1
Initial release via Agent Cloud Memory automation
Metadata
Frequently Asked Questions
What is black-box?
Indestructible audit logs for agent actions, stored in TiDB Zero. It is an AI Agent Skill for Claude Code / OpenClaw, with 640 downloads so far.
How do I install black-box?
Run "/install black-box" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is black-box free?
Yes, black-box is completely free (open-source). You can download, install and use it at no cost.
Which platforms does black-box support?
black-box is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created black-box?
It is built and maintained by Lux (@lilyjazz); the current version is v1.0.0.
More Skills