← 返回 Skills 市场
Ai Fact Checker
作者
rudagebil11-jpg
· GitHub ↗
· v1.1.0
· MIT-0
118
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install ai-fact-checker
功能描述
🔍 AI 事实核查 - 自动验证大模型输出准确性,检测 hallucination 幻觉编造内容,联网搜索交叉验证给出可信度评分和修正。解决大模型一本正经胡说八道的痛点。
使用说明 (SKILL.md)
🔍 AI Fact Checker - AI 事实核查
自动验证 AI 输出信息的真实性,检测幻觉(hallucination)编造内容,联网搜索交叉验证,给出可信度评分,并自动修正错误信息。
✨ 痛点解决
大模型经常一本正经地胡说八道:编造不存在的论文、数据、人名、事件、网址。这个技能帮你:
- 自动提取 - 智能识别文本中的事实性陈述,排除观点和主观判断
- 交叉验证 - 自动联网搜索每个陈述,对比权威来源
- 可信度评分 - 给出 ✅ 可信 / ⚠️ 部分存疑 / ❌ 大概率错误
- 自动修正 - 如果发现错误,基于搜索结果给出正确信息
- 引用来源 - 附上搜索结果链接,方便你进一步核实
🚀 使用方法
基本核查
请用 ai-fact-checker 验证这段信息:
OpenClaw 发布于 2025 年,ClawHub 上有超过 10000 个社区技能。
对话中快速核查
当你对 AI 回答某句话存疑时:
fact-check 这句话是否正确:OpenClaw 的作者是 Peter Steinberger
批量核查整个文档
fact-check-document ./path/to/your-document.md
⚙️ 工作流程
原始文本 → 提取事实陈述 → 逐个联网搜索 → 关键词匹配评分 → 生成核查报告
- 智能提取 - 过滤掉观点,只保留可验证的事实陈述
- 独立搜索 - 每个陈述单独搜索,保证准确性
- 匹配算法 - 根据关键词覆盖率计算可信度分数
- 结构化报告 - 清晰展示每个陈述的验证结果
📊 评分标准
| 评分范围 | 标识 | 说明 |
|---|---|---|
| 90-100 | ✅ 可信 | 信息与多个权威来源一致 |
| 60-89 | ⚠️ 部分可信 | 核心信息得到验证,细节无法确认 |
| 30-59 | ⚠️ 存疑 | 找不到足够验证来源或信息部分冲突 |
| 0-29 | ❌ 错误 | 信息与权威来源矛盾,确认为编造 |
💡 示例输出
# 🧐 AI 事实核查报告
**原始文本:**
OpenClaw 发布于 2025 年,现在 ClawHub 上已经有超过 10000 个社区技能。作者是 Peter Steinberger。
---
## 1. 核查: "OpenClaw 发布于 2025 年,现在 ClawHub 上已经有超过 10000 个社区技能。作者是 Peter Steinberger。"
- **评分:** 45/100
- **结论:** ⚠️ 存疑
- **原因:** 部分信息与搜索结果不符
**参考来源:**
1. [OpenClaw GitHub - README](https://github.com/openclaw/openclaw)
2. [ClawHub - Official Skill Registry](https://clawhub.ai/skills)
---
**整体评分:** 45/100 - ⚠️ 整体存疑,建议核实
**修正:**
- OpenClaw 发布于 **2024 年**(不是 2025)
- ClawHub 上目前收录 **~5700+** 个技能(不是 10000+)
- ✅ 作者确实是 **Peter Steinberger**
🔧 依赖
- 需要 OpenClaw 内置
web_search技能(默认自带,不需要额外安装) - 不需要额外 API 密钥,使用现有搜索配额
📦 安装
npx clawhub install ai-fact-checker
🧪 测试
cd ai-fact-checker
node test-run.js
👨💻 Author
rudagebil11-jpg
📄 License
MIT
安全使用建议
What to consider before installing:
- Don't install blindly. The skill's purpose is coherent, but the code contains a command-injection vulnerability: scripts/fact-check.js builds a shell command by interpolating user text into execSync(openclaw tool web_search --query "..."). An attacker-controlled input could inject shell metacharacters (e.g., `;`, `&&`, `$(...)`, backticks) and execute arbitrary commands on your host when the script runs.
- If you must use it: run it only in a sandboxed or isolated environment (container/VM) until you fix the code.
- Fixes to request or apply before running:
- Replace execSync with a safer invocation that passes arguments as an argv array (avoid the shell) or use the OpenClaw SDK/API instead of shelling out. For Node, use child_process.spawn or execFile with an array of arguments to avoid shell interpolation.
- Properly validate/escape user input. At minimum, reject inputs containing suspicious shell metacharacters or sanitize them using a robust escaping library.
- Add robust error handling for the web_search output before JSON.parse to avoid crashes or injection via malformed output.
- Remove any unicode control characters from SKILL.md and verify there are no hidden/invisible characters intended to manipulate downstream parsers.
- Verify the openclaw CLI behavior: confirm that openclaw tool web_search returns well-formed JSON and that invoking it from scripts is allowed and safe in your environment.
- If you don't want to run code from this unknown source, consider implementing the same logic yourself or using a vetted fact-checking skill/utility.
Overall: the skill is functionally coherent but contains security issues (shell injection risk + suspicious control characters). Treat it as suspicious until the above issues are resolved.
功能分析
Type: OpenClaw Skill
Name: ai-fact-checker
Version: 1.1.0
The skill contains a command injection vulnerability in `scripts/fact-check.js` due to the use of `execSync` to invoke the `web_search` tool. While the script attempts to escape double quotes, it fails to sanitize other shell metacharacters (e.g., backticks, semicolons, or subshells), which could allow a crafted 'fact' to execute arbitrary commands on the host. This is classified as suspicious rather than malicious because the behavior appears to be a poorly implemented interface to the OpenClaw CLI rather than an intentional backdoor or exploit.
能力评估
Purpose & Capability
Name/description, SKILL.md, and code all describe the same behavior: extract factual statements and use OpenClaw's web_search to verify them. The skill requests no secrets, no unrelated binaries, and the declared dependency on the built-in web_search tool matches the implementation (it calls an openclaw web_search CLI).
Instruction Scope
The SKILL.md and scripts instruct the agent to run a CLI web_search and parse results — that's expected — but scripts/fact-check.js uses child_process.execSync to run: openclaw tool web_search --query "<user text>". The user-supplied statements are interpolated into a shell command with only double-quote escaping; other shell metacharacters (`, $, ;, &, |, $(), etc.) are not escaped, creating a command-injection risk. Additionally, the SKILL.md contains unicode control characters (scanner flagged 'unicode-control-chars'), which can be used for prompt-injection or to confuse parsers; that is unexpected for a benign fact-checker and merits manual review.
Install Mechanism
No install spec is provided (instruction-only), which is low-risk for supply-chain downloads. However, the skill bundle does include JavaScript files that will be present once installed; since these are executed locally when you run tests or the script, you should review them. There is no remote download URL in the install, which reduces supply-chain concerns.
Credentials
The skill requests no environment variables or credentials, consistent with a public web-search based fact-checker. The code does not attempt to read environment secrets. The only external dependency is the OpenClaw CLI/web_search tool; ensure that tool's behavior and returned JSON format are trusted/expected.
Persistence & Privilege
The skill does not request always:true, does not claim to modify other skills or global agent settings, and is user-invocable by default. It does not attempt to persist credentials or alter system-wide configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ai-fact-checker - 安装完成后,直接呼叫该 Skill 的名称或使用
/ai-fact-checker触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Version 1.1.0 of ai-fact-checker brings improved documentation clarity and workflow explanations.
- Refined and expanded SKILL.md with clearer usage instructions, step-by-step workflows, and more detailed sample outputs
- Better highlights scoring criteria, correction logic, and example scenarios for both individual fact and bulk document checking
- Clarifies installation, dependencies, and testing for users
- General improvements for readability and user understanding (no functional code changes described)
v1.0.0
ai-fact-checker v1.0.0
- 首次发布:AI 事实核查技能上线。
- 能够自动从 AI 输出中提取事实信息并联网交叉验证。
- 检测并标注 hallucination(编造内容),对每项信息给出可信度评分。
- 支持错误检测与修正建议,引用权威来源进行核查。
- 提供基本、实时、批量三种核查用法和详细评分标准。
元数据
常见问题
Ai Fact Checker 是什么?
🔍 AI 事实核查 - 自动验证大模型输出准确性,检测 hallucination 幻觉编造内容,联网搜索交叉验证给出可信度评分和修正。解决大模型一本正经胡说八道的痛点。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 118 次。
如何安装 Ai Fact Checker?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ai-fact-checker」即可一键安装,无需额外配置。
Ai Fact Checker 是免费的吗?
是的,Ai Fact Checker 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Ai Fact Checker 支持哪些平台?
Ai Fact Checker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Ai Fact Checker?
由 rudagebil11-jpg(@rudagebil11-jpg)开发并维护,当前版本 v1.1.0。
推荐 Skills