← 返回 Skills 市场
84
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install action-gate-bridge-clean
功能描述
Route risky communications next steps through a typed action-intent bridge so external writes, bookings, settings changes, public posts, and spend decisions...
使用说明 (SKILL.md)
Action Gate Bridge
Use this skill when a communications workflow moves from analysis into a possible external action.
Core workflow
- Read
references/action-bridge.mdfirst. - Read
references/approval-matrix.mdbefore proposing any action. - Pick the narrowest typed action that fits the next step.
- Create a proposal or route the write intent through the sidecar.
- Interpret the result as
allowed,needs_approval,blocked, oraccepted. - Decide what to show the user; do not silently execute a risky action.
Helpers
Use the bundled scripts when the host environment supports them:
node scripts/propose-action.js communications send_email [email protected] "Subject" "Summary" "Program"
node scripts/route-http-write.js communications api-target "Summary" /path '{"hello":"world"}' "Program" "credentials-ref"
Safety
- Red actions require explicit user approval.
- Do not send, post, submit, confirm, or spend by default.
- If policy, scope, approval, or reversibility is unclear, escalate instead of acting.
安全使用建议
This skill is intended to route action proposals through a sidecar; that is a legitimate design. Before installing, verify: (1) which environment variables will be used in your environment—ACTION_GATE_URL and CRABTRAP_HTTP_PROXY_URL are referenced by the scripts but not declared in the registry—ensure they are set only to trusted, internal endpoints (localhost or internal network) and not to arbitrary public URLs; (2) how the sidecar enforces authentication, authorization, and an approval workflow (who can approve actions, what 'credentialsRef' can access); (3) that the agent will not auto-execute risky actions without explicit user approval; and (4) that any credentials referenced are stored and retrieved securely by a controlled secret manager rather than passed in plain text. If you cannot confirm the sidecar's implementation and access controls, treat this skill as high-risk for accidental or intentional exfiltration or unintended external writes.
功能分析
Type: OpenClaw Skill
Name: action-gate-bridge-clean
Version: 0.0.1
The skill bundle implements a safety-oriented 'Action Gate Bridge' designed to prevent the AI agent from performing risky external actions (like sending emails or spending money) without explicit approval. The scripts (propose-action.js and route-http-write.js) are simple utility wrappers that route action proposals and HTTP requests through a local or configured gateway for policy enforcement, and the documentation (SKILL.md, approval-matrix.md) explicitly instructs the agent to avoid silent execution of risky tasks.
能力标签
能力评估
Purpose & Capability
The name, description, SKILL.md, reference docs, and scripts are coherent: the skill is explicitly a bridge that converts proposed actions into typed proposals and routes HTTP write-intents through a sidecar. That capability justifies the included scripts and their HTTP endpoints.
Instruction Scope
SKILL.md confines behavior to reading the reference docs, classifying actions, and routing proposals rather than executing risky actions directly. However, the provided helper scripts will POST arbitrary proposal and HTTP-request payloads (including user-supplied bodies) to configured endpoints; that capability goes beyond 'read/classify' and must be carefully constrained by the runtime environment and approval flow.
Install Mechanism
There is no install spec (instruction-only plus small helper scripts). No downloads or package installs are requested, so nothing arbitrary is written to disk by an installer.
Credentials
The scripts read ACTION_GATE_URL and CRABTRAP_HTTP_PROXY_URL environment variables (and allow a credentialsRef to be passed) but the registry metadata declares no required env vars or primary credential. This omission reduces transparency. If these env vars are set to remote endpoints, the skill can transmit arbitrary data and request execution credentials indirectly—so the requested/implicit environment access is under-declared and therefore disproportionate without additional safeguards.
Persistence & Privilege
always:false and default model-invocation settings are used. The skill does not request permanent presence or claim to modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install action-gate-bridge-clean - 安装完成后,直接呼叫该 Skill 的名称或使用
/action-gate-bridge-clean触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.1
Initial sanitized publish
元数据
常见问题
Action Gate Bridge 是什么?
Route risky communications next steps through a typed action-intent bridge so external writes, bookings, settings changes, public posts, and spend decisions... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 84 次。
如何安装 Action Gate Bridge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install action-gate-bridge-clean」即可一键安装,无需额外配置。
Action Gate Bridge 是免费的吗?
是的,Action Gate Bridge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Action Gate Bridge 支持哪些平台?
Action Gate Bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Action Gate Bridge?
由 heyalerio(@heyalerio)开发并维护,当前版本 v0.0.1。
推荐 Skills