← 返回 Skills 市场

Agi Terminal Helper

Name: Agi Terminal Helper
Author: liuwujijay

作者 liuwujijay · GitHub ↗ · v1.0.2

darwinlinuxwin32 ✓ 安全检测通过

889

总下载

当前安装

版本数

在 OpenClaw 中安装

/install agi-terminal-helper

功能描述

A practical runbook for using OpenClaw exec safely (sandbox-first, explicit confirmations, and debugging playbooks).

使用说明 (SKILL.md)

Terminal Helper — a runbook for OpenClaw exec

This skill is not a “generic terminal tips” template. It’s a concrete runbook for how to use OpenClaw’s exec tool effectively in a real workspace (like your /Users/.../clawd workspace), with attention to:

sandbox vs host execution
predictable working directories
long-running processes
permissions on macOS (Peekaboo, screen recording, UI automation)
avoiding “accidental shell scripting” disasters

OpenClaw skills are loaded from bundled skills, ~/.openclaw/skills, and \x3Cworkspace>/skills with workspace taking precedence. :contentReference[oaicite:12]{index=12}

Operating principles (what I will do every time)

1) State the intent + the exact command before running it

Before calling exec, I will say:

what the command is intended to do
what directory it will run in
what files it might read/write
what output I expect (so we can spot anomalies)

2) Default to read-only exploration

When debugging or orienting:

pwd, ls -la, git status, rg, cat, head, tail
only escalate to writes/installs after we know what’s going on

3) Prefer sandboxed execution for untrusted or high-churn work

Use the sandbox for:

tests, builds, dependency installs
exploring unknown repos
running scripts from third-party sources

Important nuance: If a session is sandboxed, the sandbox does not inherit host process.env. Global env and skills.entries.\x3Cskill>.env/apiKey apply to host runs only; sandbox env must be set separately. :contentReference[oaicite:13]{index=13}

4) Explicit confirmation for anything risky

I will require the user to confirm before:

deleting or overwriting files
installing system-level packages
touching ~/.ssh, keychains, browser profiles
changing network/system settings
running privileged commands (sudo, launchctl changes)

Execution patterns (the “how”)

A) Choose a working directory deliberately

When diagnosing OpenClaw itself, I’ll work inside your workspace (example: /Users/proman/clawd) and be explicit about it.

Typical commands:

check skills:
- ls -la ./skills
- find ./skills -maxdepth 2 -name SKILL.md -print
check git state:
- git status (if the workspace is a git repo)
verify binaries:
- which peekaboo || echo "peekaboo not on PATH"

B) Keep commands single-purpose

Prefer multiple small commands over one “do everything” pipeline. This makes it easier to review and safer to approve.

C) Long-running commands: background + poll

When supported, run with a short yield and then poll a process session.

Examples you can adapt:

start a long build:
- exec: make test (with a short yield)
poll until completion:
- process: poll (using the returned session id)

(Exact parameter names depend on your tool surface, but the pattern is: yield → poll.)

Practical playbooks

Playbook 1: “My skill isn’t loading”

Confirm skill location/precedence:
- OpenClaw loads \x3Cworkspace>/skills and that wins precedence. :contentReference[oaicite:14]{index=14}
Verify the skill folder has SKILL.md and valid frontmatter.
If you changed files, ensure watcher is enabled:
- skills.load.watch: true is the default pattern. :contentReference[oaicite:15]{index=15}

Playbook 2: “Peekaboo works in Terminal but fails in OpenClaw”

This is usually macOS TCC context + daemon behavior. A common fix is enabling PeekabooBridge in OpenClaw.app:

Settings → Enable Peekaboo Bridge :contentReference[oaicite:16]{index=16}

Then validate:

peekaboo bridge status --verbose should select a host (OpenClaw.app) rather than local (in-process). :contentReference[oaicite:17]{index=17}

Playbook 3: “ClawHub sync rejects my skill docs”

ClawHub has a quality gate (language-aware word counting and heuristics) that rejects docs that are too thin/templated. :contentReference[oaicite:18]{index=18} Fix by adding:

concrete examples
troubleshooting
environment notes (sandbox, PATH, permissions)
“what/why/when/how” that is clearly specific to the skill

What I will NOT do

I will not run remote “install scripts” (e.g., curl | sh) without explicit user request and review.
I will not paste or echo secrets into commands.
I will not make destructive changes without confirming the exact file paths.

Quick commands I often start with

pwd
ls -la
git status
rg -n "error|warn|TODO" .
uname -a
node -v && python -V

If you want raw, direct execution (no model involvement), use /term.

安全使用建议

This runbook appears coherent and safe: it encourages read-only checks, sandboxing, and explicit confirmation before risky operations, and it does not request credentials or installs. However, remember that any agent guidance that runs shell commands can still perform destructive actions if you approve them — always review the exact commands the agent proposes, refuse or inspect any curl|sh or similar install commands, and avoid granting access to sensitive directories (e.g., ~/.ssh, browser profiles) unless you explicitly intend to. If you require additional assurance, ask the skill to print the exact command it will run and the target working directory before execution.

功能分析

Type: OpenClaw Skill Name: agi-terminal-helper Version: 1.0.2 This skill bundle is designed to guide the OpenClaw agent in using the `exec` tool safely and transparently. The `SKILL.md` explicitly instructs the agent to state intent, default to read-only exploration, prefer sandboxed execution, and require explicit user confirmation for any risky actions (e.g., deleting files, installing system packages, touching `~/.ssh`, or running privileged commands). Crucially, it explicitly forbids running remote install scripts (`curl | sh`) without review and pasting/echoing secrets into commands. All suggested commands are diagnostic and read-only, indicating a strong focus on security and preventing malicious or accidental harm.

能力评估

✓ Purpose & Capability

Name and description describe a terminal/runbook helper; the SKILL.md only references workspace paths, simple diagnostic commands (pwd, ls, git status, rg, cat, head, tail), sandbox vs host execution, and explicit confirmation for risky actions — all of which are directly relevant to a terminal helper.

✓ Instruction Scope

Runtime instructions stay within the stated scope: they prioritize read-only exploration, ask to state intent before running exec, require explicit confirmation for destructive or privileged actions, and avoid automatic install scripts or secret echoing. The skill does tell the agent to examine workspace files and skill frontmatter (expected for diagnosing skill loading). There is no instruction to collect or exfiltrate unrelated data or call external endpoints.

✓ Install Mechanism

No install spec and no code files are present — this is instruction-only, so nothing will be written or downloaded during install. That minimizes install-time risk.

✓ Credentials

The skill declares no required environment variables, no primary credential, and no config paths. The SKILL.md explicitly notes sandbox env separation and warns against pasting secrets, so requested environment/credential access is proportionate.

✓ Persistence & Privilege

Flags are default: not always, user-invocable, and model invocation enabled. The skill does not request permanent presence or modifications to other skills or global config; it only provides procedural guidance for running exec safely.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install agi-terminal-helper
安装完成后，直接呼叫该 Skill 的名称或使用 /agi-terminal-helper 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.2

- Added _meta.json file to the skill package. - No changes to skill behavior or documentation content.

v1.0.1

- Updated description to clarify this is a practical runbook for safe OpenClaw exec use, not generic terminal tips. - Expanded operating principles: sandbox/host distinction, working directory, explicit user confirmations, macOS permissions, and accident prevention. - Added detailed execution patterns (choosing workspace, small commands, polling for long processes). - Introduced practical troubleshooting playbooks for common OpenClaw skill issues. - Clarified risky actions always require user confirmation. - Now specifies supported operating systems in metadata and uses a new emoji for clarity.

v1.0.0

- Initial release of terminal-helper skill. - Provides safety-focused guidance for using terminal tools. - Commands are proposed before execution for user review. - Actions are restricted to the workspace by default. - Destructive commands require explicit user confirmation. - Includes usage notes for referencing files within the skill folder.

元数据

Slug agi-terminal-helper

版本 1.0.2

许可证 —

累计安装 4

当前安装数 4

历史版本数 3

常见问题