功能描述

跨平台基础工具集 — 16 个独立可组合的 Python 脚本，替代 Agent 平台缺失的基础工具能力。文件系统（浏览/搜索/读写/替换/删除）、内容搜索（正则）、网络（搜索/抓取/预览）、运行时安装、持久化记忆、定时任务、任务管理。纯 Python 标准库，零外部依赖，跨 Windows/macOS/L...

使用说明 (SKILL.md)

\r \r

builtin-tools — 跨平台基础工具集\r

Name: Builtin Tools
Author: wangjiaocheng

\r

定位\r

\r 当宿主 Agent 平台缺少某个基础工具时，用本技能的脚本补足。\r 所有脚本纯 Python 标准库实现，零外部依赖，跨 Windows/macOS/Linux。\r \r

核心规则\r

\r

优先用宿主平台内置工具 — 仅在平台不支持时回退到本技能脚本\r
通过 execute_command 调用 — 所有脚本接受 JSON 输入，输出 JSON 结果\r
自举设计 — execute_command.py 可调度所有其他脚本，只需平台支持执行一条 Python 命令\r \r

脚本清单\r

\r | 脚本 | 功能 | 调用方式 |\r |------|------|---------|\r | execute_command.py | 自举入口 + 命令执行 + 管道串联 | 见下方详细说明 |\r | list_dir.py | 目录浏览 | python list_dir.py '{"path":".","ignore":["*.log"]}' |\r | search_file.py | 文件名搜索 | python search_file.py '{"pattern":"*.py","recursive":true}' |\r | read_file.py | 读取文件 | python read_file.py '{"path":"f.txt","offset":0,"limit":50}' |\r | write_file.py | 写入文件 | python write_file.py '{"path":"f.txt","content":"hello"}' |\r | replace_in_file.py | 精确替换 | python replace_in_file.py '{"path":"f.txt","old":"a","new":"b"}' |\r | delete_file.py | 删除文件 | python delete_file.py '{"path":"f.txt"}' |\r | search_content.py | 正则内容搜索 | python search_content.py '{"pattern":"TODO","path":"."}' |\r | web_search.py | 网页搜索 | python web_search.py '{"query":"Python","engine":"duckduckgo"}' |\r | web_fetch.py | 网页抓取 | python web_fetch.py '{"url":"https://..."}' |\r | preview_url.py | 浏览器预览 | python preview_url.py '{"url":"https://..."}' |\r | install_binary.py | 运行时安装 | python install_binary.py '{"type":"python","version":"3.13.12"}' |\r | update_memory.py | 持久化记忆 | python update_memory.py '{"action":"create","title":"...","content":"..."}' |\r | automation_update.py | 定时任务 | python automation_update.py '{"mode":"create","name":"...","prompt":"...","rrule":"..."}' |\r | todo_write.py | 任务管理 | python todo_write.py '{"todos":[{"id":"1","status":"in_progress","content":"..."}]}' |\r \r

execute_command.py 详细用法\r

\r

模式 1：执行系统命令\r

\r

{"mode": "command", "command": "ls -la", "timeout": 30, "cwd": "/tmp"}\r
```\r
\r
### 模式 2：执行内置脚本\r
\r
```json\r
{"mode": "script", "script": "list_dir", "params": {"path": "."}}\r
```\r
\r
### 模式 3：打开 URL/文件\r
\r
```json\r
{"mode": "open", "url": "https://example.com"}\r
```\r
\r
### 模式 4：管道串联多个脚本\r
\r
```json\r
{"mode": "pipe", "chain": ["search_file", "search_content"], "params": {"pattern": "*.py"}}\r
```\r
\r
### 快捷模式\r
\r
```bash\r
python execute_command.py search_file '{"pattern":"*.py"}'\r
python execute_command.py --command "echo hello"\r
```\r
\r
## JSON 协议\r
\r
所有脚本遵循统一协议：\r
\r
- **输入**：JSON 字符串（命令行第一个参数 或 stdin）\r
- **输出**：`{"status":"ok","data":{...},"message":"ok"}` 或 `{"status":"error","code":N,"message":"..."}`\r
- **Exit Code**：0=成功, 1=参数错误, 2=执行失败, 3=不支持的平台\r
\r
## 目录结构\r
\r
```\r
builtin-tools/\r
├── SKILL.md                    # 本文件\r
├── scripts/\r
│   ├── common.py               # 公共层（Shell执行/JSON协议/路径处理）\r
│   ├── execute_command.py      # 自举入口\r
│   ├── list_dir.py             # 目录浏览\r
│   ├── search_file.py          # 文件名搜索\r
│   ├── read_file.py            # 读取文件\r
│   ├── write_file.py           # 写入文件\r
│   ├── replace_in_file.py      # 精确替换\r
│   ├── delete_file.py          # 删除文件\r
│   ├── search_content.py       # 正则内容搜索\r
│   ├── web_search.py           # 网页搜索\r
│   ├── web_fetch.py            # 网页抓取\r
│   ├── preview_url.py          # 浏览器预览\r
│   ├── install_binary.py       # 运行时安装\r
│   ├── update_memory.py        # 持久化记忆\r
│   ├── automation_update.py    # 定时任务\r
│   └── todo_write.py           # 任务管理\r
└── references/\r
    └── protocol.md             # 接口协议详细文档\r
```\r
\r
## 安全策略\r
\r
- `execute_command.py` 不使用 `shell=True`（Windows 用 list 参数传递给 powershell.exe）\r
- `delete_file.py` 禁止删除根目录和用户主目录\r
- `replace_in_file.py` 默认限制替换次数（防止误操作）\r
- `install_binary.py` 下载后校验文件完整性\r

安全使用建议

This package is internally coherent for a local ’builtin tools’ toolkit, but it grants powerful local privileges: it can read/write/delete files, run arbitrary shell commands, fetch arbitrary URLs, and download/extract binaries. Only install or enable it if you trust the author and the code. Consider: run it in a sandbox or isolated account first; disable autonomous invocation if your platform allows it (so an agent cannot call 'command' mode without your approval); review the remaining unshown scripts (web_search, etc.) if possible; and be cautious when giving it tasks that involve sensitive files or secrets.

功能分析

Type: OpenClaw Skill Name: builtin-tools Version: 1.0.0 The bundle provides a powerful suite of system administration tools for an AI agent, including arbitrary shell command execution (execute_command.py), file system manipulation, and web access. Key high-risk capabilities include the ability to download and install external binaries (install_binary.py) and establish persistence via system schedulers like cron or schtasks (automation_update.py). While the scripts are well-documented and include some basic safety checks (e.g., preventing root deletion in delete_file.py), the broad permissions and lack of strict input sanitization for shell commands make this bundle a high-risk asset that could be easily repurposed for malicious activities such as data exfiltration or backdoor installation.

能力评估

✓ Purpose & Capability

Name/description advertise cross-platform small utilities (filesystem, search, web fetch, install, memory, tasks) and the package includes scripts that implement exactly those capabilities. Required env/config/credentials are none, which aligns with a pure-Python toolset.

ℹ Instruction Scope

SKILL.md and scripts allow broad operations: arbitrary shell command execution (execute_command mode 'command'), reading/writing/deleting files, recursive searches, web fetching, and runtime binary downloads. This is consistent with the advertised purpose, but these capabilities are high-privilege: the agent (or a caller) can read/write most files, execute arbitrary shell commands, and download/expand archives. The delete_file script blocks literal root and user home deletion, but most other filesystem paths are writable by the skill. execute_command uses a shell (sh -c or PowerShell -Command), so commands are interpreted by the platform shell.

✓ Install Mechanism

No install spec; skill is instruction + bundled Python scripts (no remote install). The only runtime downloader is install_binary.py which pulls from official python.org and nodejs.org URLs and extracts archives — expected for a runtime installer and documented in SKILL.md.

✓ Credentials

The skill declares no required environment variables or credentials. Scripts copy os.environ when spawning subprocesses and accept optional env overrides for executed commands, which is normal for a tool that runs local commands. There are no hard-coded secrets or requests for unrelated cloud credentials.

✓ Persistence & Privilege

always is false and the skill does not autonomously modify other skills or global agent config. It persists files under user home (e.g., ~/.builtin-tools, ~/.workbuddy memory dir) and can write todo/memory files; this matches the stated persistent memory feature and is scoped to the user's filesystem rather than system-wide privilege escalation.

版本历史

v1.0.0

Initial release of builtin-tools: a cross-platform Python toolkit of 16 independent scripts, replacing missing basic utilities in agent platforms. - Provides tools for file system operations, content search (including regex), networking (search/fetch/preview), runtime installation, persistent memory, scheduling, and task management. - All scripts use only the Python standard library (no external dependencies); runs on Windows, macOS, and Linux. - Unified JSON input/output protocol and error codes for consistency. - Features a self-bootstrap design: execute_command.py orchestrates all tools; only one Python command is needed for full functionality. - Includes strict security policies (e.g., limits on shell use and destructive operations).

元数据

Slug builtin-tools

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Builtin Tools 是什么？

跨平台基础工具集 — 16 个独立可组合的 Python 脚本，替代 Agent 平台缺失的基础工具能力。文件系统（浏览/搜索/读写/替换/删除）、内容搜索（正则）、网络（搜索/抓取/预览）、运行时安装、持久化记忆、定时任务、任务管理。纯 Python 标准库，零外部依赖，跨 Windows/macOS/L... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 105 次。

如何安装 Builtin Tools？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install builtin-tools」即可一键安装，无需额外配置。

Builtin Tools 是免费的吗？

是的，Builtin Tools 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Builtin Tools 支持哪些平台？

Builtin Tools 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Builtin Tools？

由波动几何（@wangjiaocheng）开发并维护，当前版本 v1.0.0。

Builtin Tools