Total downloads: 355
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install claw-guardirails-skill
Description
Enforces guarded execution with safe_exec, safe_send, and safe_action. Use when a task may run shell commands, send channel messages, or call external APIs/a...
Usage Instructions (SKILL.md)
Guardrails Safe Tools
When to Use
Apply this skill whenever a request can:
- execute shell/system commands;
- send outbound messages/posts to channels;
- trigger external actions (email, DB, gateways, automation).
Hard Rules
- Use `safe_exec` instead of raw `exec`.
- Use `safe_send` instead of direct channel-post tools.
- Use `safe_action` for generic external/API side effects.
- Never bypass the guardrails resolver with direct destructive tools.
- If decision is `require_approval`, stop and wait for explicit approval flow.
Input Hygiene
- Always provide the narrowest `cwd` for `safe_exec`.
- Include sender/channel/agent context when available.
- Keep command args explicit; do not hide risky flags in shell expansions.
- For `safe_action`, include explicit `resources` where possible.
Tool Contracts
safe_exec
Use for shell commands only after permission resolution.
Expected input shape:
{
  "command": "git",
  "args": ["status"],
  "cwd": "/workspace/project"
}
safe_send
Use for outbound channel messages.
Expected input shape:
{
  "channel": "telegram:ops-room",
  "message": "Deployment done",
  "channelType": "telegram"
}
safe_action
Use for side-effect actions that are not plain shell or plain chat send.
Expected input shape:
{
  "action": "gmail.delete_message",
  "payload": { "messageId": "..." },
  "resources": [
    { "kind": "unknown", "value": "email-api", "operation": "delete" }
  ]
}
Decision Handling
- `allow`: continue and return runtime result.
- `deny`: return denial with reason code; do not retry with alternate dangerous tools.
- `require_approval`: surface approval id/reason and wait for `/approve <id>` or RPC approval.
Good Defaults
- Prefer read-only commands (`git status`, `rg`, `ls`) before mutable ones.
- Propose reversible operations first.
- Ask for confirmation before destructive intent, even if technically allowed.
Security Usage Advice
This skill is a set of guardrail rules, not an enforcement library. It looks coherent and low-risk because it doesn't install code or request secrets. Before relying on it, confirm your agent runtime actually implements safe_exec/safe_send/safe_action and an approval/resolution mechanism (so 'require_approval' is enforced and cannot be bypassed). Also verify logging/audit for executed actions, that channel identifiers and resource descriptors are validated, and that there are no other installed skills or tools that could ignore these guardrails. If you need enforcement rather than guidance, require an implementation or tests that demonstrate the safe_* primitives and approval flow are present and tamper-resistant.
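What runtime-side enforcement of the `safe_exec` contract could look like, as an added example that is not part of the skill or of OpenClaw: it checks the input shape, confines `cwd`, rejects shell expansion characters, and maps each request to `allow`, `deny`, or `require_approval`. `WORKSPACE_ROOT`, `READ_ONLY`, `resolveSafeExec`, the reason codes and the approval id format are assumptions made for illustration.

```javascript
// Added example: hypothetical runtime-side resolver for the safe_exec contract.
// WORKSPACE_ROOT, READ_ONLY and resolveSafeExec are assumptions, not OpenClaw APIs.
const WORKSPACE_ROOT = "/workspace";
const READ_ONLY = new Set(["git status", "rg", "ls"]); // the skill's read-only examples
const SHELL_META = /[;&|`$<>(){}*?~\n\\]/; // chaining and expansion characters
let approvalCounter = 0;

// Collapse "." and ".." in an absolute POSIX path without touching the filesystem.
function normalizePath(p) {
  const out = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") out.pop();
    else out.push(seg);
  }
  return "/" + out.join("/");
}

function resolveSafeExec(req) {
  const deny = (reason) => ({ decision: "deny", reason });
  // 1. Shape check: the fields the contract names, with the right types.
  if (!req || typeof req.command !== "string" || typeof req.cwd !== "string" ||
      !Array.isArray(req.args) || !req.args.every((a) => typeof a === "string")) {
    return deny("bad_shape");
  }
  // 2. cwd must be absolute and stay inside the workspace after normalization.
  if (!req.cwd.startsWith("/")) return deny("cwd_not_absolute");
  const cwd = normalizePath(req.cwd);
  if (cwd !== WORKSPACE_ROOT && !cwd.startsWith(WORKSPACE_ROOT + "/")) {
    return deny("cwd_outside_workspace");
  }
  // 3. Args must be explicit: nothing a shell would expand or chain.
  if ([req.command, ...req.args].some((t) => SHELL_META.test(t))) {
    return deny("shell_metacharacters");
  }
  // 4. Allow only flag-free read-only calls; flags can change behaviour
  //    (rg --pre runs a program), so everything else waits for approval.
  const key = req.command === "git" ? `git ${req.args[0] ?? ""}`.trim() : req.command;
  const hasFlags = req.args.some((a) => a.startsWith("-"));
  if (READ_ONLY.has(key) && !hasFlags) return { decision: "allow", cwd };
  approvalCounter += 1;
  return {
    decision: "require_approval",
    reason: "mutable_or_flagged_command",
    approvalId: `apr-${approvalCounter}`, // constructed id format
  };
}
```

The path check is lexical only; a runtime that enforces this would also resolve symlinks before comparing against the workspace root and would record every decision in its audit log.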
Functional Analysis
Type: OpenClaw Skill
Name: claw-guardirails-skill
Version: 0.1.0
The OpenClaw AgentSkills bundle 'claw-guardirails-skill' is benign. Its primary purpose, as described in SKILL.md, is to enforce secure execution practices by instructing the AI agent to use 'safe_exec', 'safe_send', and 'safe_action' instead of direct, potentially dangerous tools. The instructions explicitly prohibit bypassing guardrails, emphasize input hygiene, and require approval for risky operations, indicating a clear intent to enhance security rather than exploit vulnerabilities or perform malicious actions.
Capability Assessment
Purpose & Capability
Name/description (enforcing guarded execution for shell, channel, and external side effects) align with the SKILL.md content. The skill does not ask for unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions are coherent and scoped to controlling side effects (safe_exec, safe_send, safe_action, approval flow). However the skill provides only contracts and behavioral rules, not implementations: it assumes the runtime exposes safe_exec/safe_send/safe_action and an approval resolver. That reliance is expected but means the guardrails are advisory unless your agent environment enforces them.
Install Mechanism
No install spec and no code files — lowest-risk delivery (instruction-only). Nothing will be written or executed from this package itself.
Credentials
The skill requests no environment variables, credentials, or config paths. It asks agents to include context (cwd, channel/sender) in calls, which is reasonable for auditability and scope-limiting.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request persistent system presence or modification of other skills/configurations.
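How to Use
- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: /install claw-guardirails-skill
- After installation completes, call the Skill by name or use /claw-guardirails-skill to trigger it.
- Provide the required inputs according to the Skill's parameter description to get structured output.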
Version History
v0.1.0
- Initial release of guardrails-safe-tools skill.
- Enforces safe execution for shell commands, outbound messages, and external actions via `safe_exec`, `safe_send`, and `safe_action`.
- Provides strict rules for using only guarded tools instead of direct execution/messaging.
- Ensures workflows stop for approval when required; explains decision handling for `allow`, `deny`, and `require_approval`.
- Documents best practices for input hygiene and choosing safer defaults.
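FAQ
What is ClawGuardrails?
Enforces guarded execution with safe_exec, safe_send, and safe_action. Use when a task may run shell commands, send channel messages, or call external APIs/a... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 355 cumulative downloads so far.
How do I install ClawGuardrails?
Run the command "/install claw-guardirails-skill" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.
Is ClawGuardrails free?
Yes, ClawGuardrails is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does ClawGuardrails support?
ClawGuardrails is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed ClawGuardrails?
It is developed and maintained by Timo (@eveiljuice); the current version is v0.1.0.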