Total downloads: 312
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install chitin-moat
Description
Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by...
Usage instructions (SKILL.md)
Chitin Moat
Enforce contextual agent permissions based on where a conversation happens.
Trust Levels
| Level | Name | Capabilities |
|---|---|---|
| 0 | sovereign | Full autonomy (1:1 with verified owner) |
| 1 | trusted | Read/write, scoped tools, no secrets (private known group) |
| 2 | guarded | Respond on @mention only, no tools (semi-public) |
| 3 | observer | React only (public channels) |
| 4 | silent | No interaction (blocked surfaces) |
Configuration
Create chitin-trust-channels.yaml in the agent workspace root:
```yaml
version: "0.1"
owner:
  telegram: "<owner_user_id>"
channels:
  - id: "telegram:<owner_user_id>"
    level: sovereign
  - id: "discord:<server_id>"
    level: guarded
    overrides:
      - channel: "owners-lounge"
        level: trusted
      - channel: "pro-*"
        level: trusted
  - id: "telegram:group:*"
    level: observer
defaults:
  unknown_channel: observer
  unknown_dm: guarded
```
Setup
- Copy the example config: `cp references/example-config.yaml chitin-trust-channels.yaml`
- Edit with your channel IDs and owner identity
- Run the validator: `python3 scripts/validate_config.py chitin-trust-channels.yaml`
- Run the audit: `python3 scripts/audit_channels.py chitin-trust-channels.yaml`
Permission Matrix
See references/permission-matrix.md for the full capability × trust-level matrix.
Scripts
- `scripts/validate_config.py <config>`: Validate a trust channels config file
- `scripts/audit_channels.py <config>`: Audit current channel bindings against the config and report mismatches
- `scripts/resolve_channel.py <config> <channel_id>`: Resolve the trust level for a specific channel ID
Integration with AGENTS.md
Add to the agent's workspace instructions:
## Chitin Moat
Before responding in any channel, resolve the trust level using `chitin-trust-channels.yaml`.
Constrain capabilities to the resolved level. Never escalate beyond the channel ceiling.
Security usage recommendations
This skill is a coherent, advisory toolkit for mapping channels to trust levels — it does not automatically enforce those limits. Before relying on it: (1) integrate the resolve step into your agent runtime so capability ceilings are actually enforced, (2) review and supply correct channel/owner IDs in chitin-trust-channels.yaml, (3) test the integration thoroughly (the resolve script has minor bugs: when an override matches it returns a field named 'level' containing the override pattern instead of a level, and the DM detection logic may misclassify some channel ID formats), and (4) treat the permission matrix as policy guidance only — the agent or platform must implement the enforcement hooks (e.g., blocking exec, file I/O, or secret access) to make the controls effective.
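One way to write the resolve step so that an override match yields the override's level rather than its pattern, and so that a malformed entry fails closed. This is an added example, not the skill's own `resolve_channel.py`. Assumptions: glob matching in file order, a caller-supplied `is_dm` flag instead of ID-format guessing, the hypothetical names `resolve` and `allowed`, and a constructed config dict with placeholder IDs standing in for the parsed YAML.

```python
from fnmatch import fnmatchcase

# Trust levels from the table above; a higher number is more restrictive.
LEVELS = {"sovereign": 0, "trusted": 1, "guarded": 2, "observer": 3, "silent": 4}

# Constructed config mirroring the YAML layout above; the IDs are placeholders.
CONFIG = {
    "channels": [
        {"id": "telegram:1001", "level": "sovereign"},
        {"id": "discord:2002", "level": "guarded",
         "overrides": [{"channel": "owners-lounge", "level": "trusted"},
                       {"channel": "pro-*", "level": "trusted"}]},
        {"id": "telegram:group:*", "level": "observer"},
    ],
    "defaults": {"unknown_channel": "observer", "unknown_dm": "guarded"},
}


def _checked(level):
    """Fail closed: anything that is not a known level name becomes 'silent'."""
    return level if level in LEVELS else "silent"


def resolve(config, surface_id, channel=None, is_dm=False):
    """Return the trust level name for a surface (assumed: first match wins)."""
    for entry in config.get("channels", []):
        if not fnmatchcase(surface_id, entry["id"]):
            continue
        for override in entry.get("overrides", []):
            if channel is not None and fnmatchcase(channel, override["channel"]):
                # Return the override's level, never its pattern.
                return _checked(override.get("level"))
        return _checked(entry.get("level"))
    # No entry matched: the caller states whether this is a DM (assumption).
    key = "unknown_dm" if is_dm else "unknown_channel"
    return _checked(config.get("defaults", {}).get(key))


def allowed(config, required_level, surface_id, channel=None, is_dm=False):
    """True only if the resolved level is at least as privileged as required."""
    resolved = resolve(config, surface_id, channel, is_dm)
    return LEVELS[resolved] <= LEVELS[required_level]
```

An agent runtime would call `allowed(...)` before each gated capability (exec, file I/O, secret access) and refuse when it returns `False`.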
Functional analysis
Type: OpenClaw Skill
Name: chitin-moat
Version: 1.0.0
This skill bundle is designed to enhance AI agent security by enforcing contextual permission boundaries based on communication channels. The `SKILL.md` instructs the agent to self-constrain its capabilities, which is a security-positive prompt injection. All Python scripts (`audit_channels.py`, `resolve_channel.py`, `validate_config.py`) use `yaml.safe_load` and perform only read operations on local configuration files, outputting to stdout. They include security checks and warnings to guide users towards secure configurations. There is no evidence of data exfiltration, malicious execution, persistence, or other harmful behaviors.
Capability assessment
Purpose & Capability
Name/description match the included artifacts: example config, permission matrix, and three small helper scripts (validate, audit, resolve). The skill requests no env vars, binaries, or installs, which is proportionate for a configuration-and-audit helper.
Instruction Scope
SKILL.md correctly instructs validating and auditing the chitin-trust-channels.yaml and integrating a 'resolve before responding' step into AGENTS.md. Important: the skill only supplies static scripts and guidance — it does not itself enforce runtime capability restrictions inside an agent. Users must integrate the resolve step into their agent runtime to enforce ceilings; otherwise the guidance is advisory only.
Install Mechanism
Instruction-only with small included Python scripts; no install spec, no downloads, no external package pulls. Low friction and low risk from installation.
Credentials
No environment variables, credentials, or config paths are requested. Scripts read only the provided YAML config and produce console output. There is no network or external endpoint usage.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system-wide settings. It doesn't persist secrets or change system configuration; it only reads a user-provided config file.
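How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install chitin-moat`
- After installation completes, call the Skill by name or use `/chitin-moat` to trigger it
- Provide the necessary inputs according to the Skill's parameter description to get structured output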
Version history
v1.0.0
Initial release: contextual permission boundaries for AI agents based on communication surface trust level.
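FAQ
What is chitin-moat?
Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 312 cumulative downloads to date.
How do I install chitin-moat?
Run the command "/install chitin-moat" in the OpenClaw or Claude Code chat box for one-click installation; no extra configuration is needed.
Is chitin-moat free?
Yes, chitin-moat is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does chitin-moat support?
chitin-moat is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed chitin-moat?
It is developed and maintained by adroidian (@adroidian); the current version is v1.0.0.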