← 返回 Skills 市场
455
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install baseline-kit
功能描述
Generate safer OpenClaw configuration baselines and audit existing config files for exposure, missing controls, and secret hygiene issues.
使用说明 (SKILL.md)
Baseline Kit
Generate profile-based OpenClaw configuration JSON and audit an existing config before rollout.
When to use
- You need a starting profile for
development,team,enterprise, orairgapped. - You want an offline audit for
gateway.bind, auth rate limits, allowed skill sources, audit logging, backups, or secret-like values. - You need a reviewable JSON artifact without contacting external services.
Commands
node {baseDir}/bin/baseline-kit.js generate --profile enterprise --out ./openclaw.secure.json
node {baseDir}/bin/baseline-kit.js generate --profile development --out ./openclaw.dev.json
node {baseDir}/bin/baseline-kit.js audit --config ~/.openclaw/openclaw.json --format table
node {baseDir}/bin/baseline-kit.js audit --config ./openclaw.secure.json --format json
Profiles
| Profile | Focus |
|---|---|
development |
Faster local iteration with lighter rate limits and shorter retention |
team |
Shared team defaults with moderate auth protection and audit logging |
enterprise |
Tighter auth windows, longer retention, and recovery guidance |
airgapped |
Loopback-only and local-mirror oriented settings |
Audit checks
NET_EXPOSURE: whethergateway.bindis loopback-onlyAUTH_RATE_LIMIT: whether auth rate limiting is configured completelySOURCE_RESTRICTION: whether allowed skill sources are too broadAUDIT_LOGGING: whether audit logging is enabledBACKUP_HINT: whether backup settings are presentSECRET_HYGIENE: whether the config tree contains plaintext secret-like values
Output
- Each finding includes a severity, evidence path, recommendation, and compliance tag set.
- Compliance tags currently map to
SOC2,ISO27001, andNIST CSF.
Boundaries
- This tool audits JSON structure only. It does not enforce runtime policy.
- Generated profiles are safer defaults, not a complete configuration management system.
安全使用建议
This is a small, local Node.js CLI for generating baselines and auditing OpenClaw JSON files; it does not contact external services or request credentials. Before running: ensure you have Node.js 18+, review the included source if you trust the author, and run the provided tests (test.js) in a safe environment. Be careful which config path you audit — the tool will read the file you point it at and will print/write findings (it masks detected secrets but includes partial samples in output and JSON). Avoid pointing it at files you cannot expose to local console/output destinations, and review generated JSON before committing to a repository. If you need extra caution, run the CLI in an isolated container or ephemeral VM.
功能分析
Type: OpenClaw Skill
Name: baseline-kit
Version: 1.0.1
The baseline-kit skill is a security utility designed to generate hardened OpenClaw configuration profiles and audit existing JSON configs for common security flaws like network exposure and plaintext secrets. The implementation in src/index.js is entirely local, using standard Node.js file system modules without any network activity, obfuscation, or suspicious execution patterns. The logic for detecting secrets (collectPotentialSecrets) correctly masks findings and is consistent with the tool's stated purpose of improving configuration hygiene.
能力评估
Purpose & Capability
Name and description match the actual code and instructions. The tool only requires Node and implements profile generation and JSON-based audits; nothing in the package or SKILL.md asks for unrelated cloud credentials or services.
Instruction Scope
SKILL.md instructs running the included CLI to read a user-specified config path and write outputs to a specified --out path. The runtime instructions and code are limited to JSON structure checks, local file read/write, and console output. There are no instructions to access unrelated system files, environment secrets, or external network endpoints.
Install Mechanism
There is no install spec in the registry (instruction-only), and the repo ships a small Node.js CLI. The tool requires only the node binary (Node >=18 per package.json). No remote downloads, package installers, or unusual install steps are present.
Credentials
The skill declares no required environment variables or credentials and the code does not read env vars. It does scan JSON for secret-like keys and emits masked samples in findings — behavior appropriate to an audit tool and aligned with its purpose.
Persistence & Privilege
always is false and the skill does not request permanent platform presence or modify other skills. The agent-invocation defaults are normal; autonomous invocation combined with this tool's limited local I/O presents low risk.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install baseline-kit - 安装完成后,直接呼叫该 Skill 的名称或使用
/baseline-kit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
README and SKILL.md compliance update for OpenClaw / ClawHub alignment.
v1.0.0
Initial release
元数据
常见问题
Baseline Kit 是什么?
Generate safer OpenClaw configuration baselines and audit existing config files for exposure, missing controls, and secret hygiene issues. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 455 次。
如何安装 Baseline Kit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install baseline-kit」即可一键安装,无需额外配置。
Baseline Kit 是免费的吗?
是的,Baseline Kit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Baseline Kit 支持哪些平台?
Baseline Kit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Baseline Kit?
由 mike007jd(@mike007jd)开发并维护,当前版本 v1.0.1。
推荐 Skills