← Back to Skills Marketplace
OpenClaw LLM Tools
by
michealxie001
· GitHub ↗
· v1.0.0
· MIT-0
91
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install oc-llm-tools
Description
Universal Tool Definition System for LLM function calling. Define tools once, use with any LLM provider (OpenAI, Anthropic, Gemini, etc.). JSON Schema valida...
Usage Guidance
This package implements a legitimate tool registry and format converters, but the README includes examples that are dangerous if used carelessly: avoid registering handlers that perform eval() or that read arbitrary filesystem paths unless you control and audit them. Before installing or exposing this skill to LLM-driven calls: 1) review any handler functions you register — never use eval on untrusted input; 2) avoid handlers that read sensitive files or run shell commands, or run them in a sandboxed environment; 3) prefer pure, constrained handlers that accept validated inputs; 4) be cautious when exposing tool execution to untrusted or third‑party models (an LLM could trigger calls); and 5) note the documentation/code mismatches (missing modules and the ephemeral decorator registry) and consider a code review or tests to ensure behavior matches your expectations.
Capability Analysis
Type: OpenClaw Skill
Name: oc-llm-tools
Version: 1.0.0
The skill bundle provides a framework for managing LLM tool definitions but includes high-risk examples and capabilities. Specifically, SKILL.md contains a documentation example using 'eval()' for a tool handler, which is a classic Remote Code Execution (RCE) vulnerability. Additionally, the skill's metadata defines broad 'read', 'write', and 'exec' tool permissions, which, while potentially useful for a tool management system, present a significant attack surface without explicit safety constraints.
Capability Assessment
Purpose & Capability
The code (ToolRegistry, conversion methods) matches the stated purpose of converting and validating tool definitions for multiple LLMs. However SKILL.md front-matter lists tools (read, write, exec) and the architecture section names modules (tool.py, formats/*) that are not present in the packaged files, which is an inconsistency. The decorator helper 'tool(...)' creates a new ephemeral ToolRegistry per call (likely a bug) — functional but surprising.
Instruction Scope
SKILL.md explicitly shows examples that enable reading arbitrary filesystem paths (read_file uses Path(path).read_text()) and demonstrates a handler using eval(lambda expr: eval(expr)). Those examples instruct users/agents to register handlers that can access local files or execute arbitrary code; if such handlers are exposed to LLM-driven calls, an LLM could cause sensitive file reads or arbitrary code execution. The runtime instructions do not impose sandboxing or limits on handlers.
Install Mechanism
No install spec is provided (instruction-only with source files); requirements.txt only lists jsonschema. There are no external downloads or unusual install steps. This is low risk from an installation provenance perspective.
Credentials
The skill requires no environment variables or credentials, which is proportionate. However, the examples and integration sample show handlers that access the filesystem; while not requested explicitly, handlers can be written to read secrets or other config. The skill itself doesn't demand credentials, but its use can enable access to local data if unsafe handlers are registered.
Persistence & Privilege
The skill does not request permanent presence (always=false), does not modify other skills' configs, and does not declare elevated privileges. Autonomous invocation is allowed by default (platform normal) and is not combined with other high-risk flags here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install oc-llm-tools - After installation, invoke the skill by name or use
/oc-llm-tools - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Universal tool definition system for LLM function calling. Supports OpenAI, Anthropic, Gemini, Ollama formats.
Metadata
Frequently Asked Questions
What is OpenClaw LLM Tools?
Universal Tool Definition System for LLM function calling. Define tools once, use with any LLM provider (OpenAI, Anthropic, Gemini, etc.). JSON Schema valida... It is an AI Agent Skill for Claude Code / OpenClaw, with 91 downloads so far.
How do I install OpenClaw LLM Tools?
Run "/install oc-llm-tools" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw LLM Tools free?
Yes, OpenClaw LLM Tools is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw LLM Tools support?
OpenClaw LLM Tools is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw LLM Tools?
It is built and maintained by michealxie001 (@michealxie001); the current version is v1.0.0.
More Skills