← Back to Skills Marketplace
182
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install tool-registry
Description
工具注册与发现系统。基于Token匹配的工具路由,支持权限控制和子代理工具白名单。 当用户说"工具有哪些"、"搜索工具"、"查找技能"、"工具路由"时触发。
Usage Guidance
This skill implements a registry that includes tools able to read/write local files and run shell commands. While that capability can be legitimate for a tool router, there are two red flags you should address before installing or enabling it for agents: (1) The runtime register includes dangerous tools (bash, write_file) available to broad agent types (the code registers bash for 'general'), and (2) the execute() method does not enforce the documented permission or agent-type checks, so callers can invoke dangerous tools without proper filtering. Recommended actions: review and/or modify the provided scripts so execute() enforces user/agent permissions, restrict dangerous tools to tightly scoped agent types, add input validation/sanitization and sandboxing for command execution, and test in an isolated environment. If you cannot audit or harden the code, avoid enabling the skill for autonomous agents or only allow it for highly-trusted, manual invocations.
Capability Analysis
Type: OpenClaw Skill
Name: tool-registry
Version: 1.0.0
The skill bundle implements a tool registry that includes pre-configured, high-risk capabilities in `scripts/tool-registry.mjs`, specifically arbitrary shell command execution (the `bash` tool using `child_process.spawn`) and direct file system read/write access (`read_file` and `write_file`). While these tools are aligned with the stated purpose of providing a discovery and execution framework for an AI agent, the inclusion of functional RCE and filesystem manipulation tools without external sandboxing or robust input validation constitutes a significant security risk. No evidence of intentional data exfiltration or hidden backdoors was found, but the inherent power of the provided tools warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The name/description (a registry for registering and discovering tools) aligns with the code and SKILL.md: the registry registers tools like read_file, write_file and bash and provides search/filter/execute APIs. However, the presence of built-in dangerous tools (bash, write_file) is notable but explainable for a registry. There is a code/MD mismatch: the SKILL.md examples restrict 'bash' to 'verification' agents in one spot but the bundled script registers 'bash' for ['verification','general'], which is an incoherence worth flagging.
Instruction Scope
The SKILL.md and the code instruct usage of tools that can read arbitrary local files, write arbitrary files, and execute arbitrary shell commands. More importantly, ToolRegistry.execute(name, input, context) calls the tool's execute handler directly without checking the caller's permission level or agentType — despite the documented permission/agent filtering features. That allows callers to run dangerous ops even when they should be filtered out. The instructions imply permission filtering but the runtime code does not enforce it on execution.
Install Mechanism
Instruction-only with a single local JS module and no install spec. Nothing is downloaded or installed automatically; no third-party packages are pulled during skill installation.
Credentials
The skill declares no required environment variables, credentials, or config paths. The code does not request secrets or external credentials. This is proportionate to a registry. Note: the registry's tools operate on the local filesystem and spawn processes, which are powerful but don't require explicit env/credentials.
Persistence & Privilege
The skill is not always-enabled and can be invoked by users. It does not request persistent system privileges or modify other skills. Autonomous invocation is allowed (platform default) but is not combined here with always:true or broad credential access.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tool-registry - After installation, invoke the skill by name or use
/tool-registry - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
tool-registry 1.0.0
- Initial release of a token-based tool registry and discovery system with permission control and agent-type white-listing.
- Supports tool search, registration, permission filtering, agent filtering, and score-based matching via keywords, aliases, and descriptions.
- Integrated APIs for registering, searching, filtering, and executing tools.
- Triggered by common user queries related to tools or skills.
Metadata
Frequently Asked Questions
What is Tool Registry?
工具注册与发现系统。基于Token匹配的工具路由,支持权限控制和子代理工具白名单。 当用户说"工具有哪些"、"搜索工具"、"查找技能"、"工具路由"时触发。 It is an AI Agent Skill for Claude Code / OpenClaw, with 182 downloads so far.
How do I install Tool Registry?
Run "/install tool-registry" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Tool Registry free?
Yes, Tool Registry is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Tool Registry support?
Tool Registry is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Tool Registry?
It is built and maintained by xhmqq616 (@xhmqq616); the current version is v1.0.0.
More Skills