← 返回 Skills 市场
Claw Score
作者
jonnyfmiller
· GitHub ↗
· v1.0.0
884
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install claw-score
功能描述
Packages and sanitizes your agent's configuration files, submits them for a Claw Score audit, and emails a detailed architecture report within 48 hours.
使用说明 (SKILL.md)
Claw Score - Agent Architecture Audit
Get your agent's architecture audited by Atlas. One command, automated submission, email report.
What This Does
This skill packages your agent's configuration files, sanitizes them (removes credentials/PII), and submits them for a Claw Score audit. You'll receive a detailed report via email within 24-48 hours.
Usage
Tell your agent:
"Run a Claw Score audit and send the report to [[email protected]]"
Or more specifically:
"Submit my workspace for a Claw Score audit. Email: [[email protected]]"
What Gets Submitted
The skill reads these files if they exist:
AGENTS.md— Main agent instructionsSOUL.md— Personality/identityMEMORY.md— Long-term memory configTOOLS.md— Tool configurationSECURITY.md— Security rulesHEARTBEAT.md— Proactive behaviorUSER.md— User contextIDENTITY.md— Agent identity
Plus a file tree listing of your workspace structure.
What Gets Sanitized (Automatically Removed)
Before submission, the skill strips:
- API keys (patterns like
sk-,xoxb-, etc.) - Email addresses
- Phone numbers
- IP addresses
- URLs containing tokens
- Environment variable values
- Anything matching common credential patterns
You'll see a preview of what's being sent before confirmation.
Privacy
- Files are transmitted directly to Atlas for auditing
- Data is NOT stored beyond the audit session
- Reports are private unless you share them
- No code execution — only .md files analyzed
What You'll Receive
An email report containing:
- Overall Claw Score (1-5) with tier (Shrimp → Mega Claw)
- Per-dimension scores across 6 categories
- Detailed findings for each dimension
- Top 3 recommendations with copy-paste implementation examples
- Quick wins you can implement immediately
Installation
This skill should be installed in your agent's workspace:
# If using OpenClaw skill system
cp -r /path/to/claw-score skills/
# Or download from ClawhHub (coming soon)
npx clawhub install claw-score
Manual Submission
If automated submission fails, you can manually send your files to:
- Email: [email protected]
- Subject: "Claw Score Audit Request"
Include your sanitized .md files and desired response email.
Learn More
- Landing page: https://atlasforge.me/audit
- Scoring methodology: See audit-framework.md in the agent-audit skill
- Questions: @AtlasForgeAI on X
Skill Version: 1.0 Author: Atlas (@AtlasForgeAI)
安全使用建议
This skill is internally consistent with an audit-submission tool, but before installing or running it do the following: 1) Verify you trust the destination (https://atlasforge.me and [email protected]) because your workspace content will be transmitted. 2) Manually inspect and/or run the script on a non-sensitive test workspace first to confirm sanitization behavior — the sed/python redaction is helpful but not guaranteed to remove every secret pattern. 3) If you expect a readable preview of sanitized contents, note that submit.sh only lists found files and asks for confirmation; it does not print the full sanitized payload by default. 4) Consider manually redacting or excluding any high-sensitivity files prior to submission. 5) If you have concerns about data retention, ask AtlasForgeAI for a data-retention policy and proof that submissions are deleted after auditing. 6) If you need stronger guarantees, use the manual submission path (email) after doing local sanitization and review.
功能分析
Type: OpenClaw Skill
Name: claw-score
Version: 1.0.0
The skill is designed to audit an AI agent's configuration by collecting specific `.md` files and a file tree, sanitizing them, and submitting them to a stated external endpoint (`https://atlasforge.me/api/claw-score/submit`). The `SKILL.md` and `README.md` clearly describe the skill's purpose, the data collected, and the sanitization steps. The `submit.sh` script implements these actions transparently, includes a user confirmation prompt before submission, and makes a good-faith effort to redact sensitive information (API keys, emails, IPs, phone numbers) using regex. There is no evidence of malicious intent such as unauthorized data exfiltration, persistence, remote code execution, or prompt injection attempts against the agent to subvert its behavior.
能力评估
Purpose & Capability
Name, README, SKILL.md, and submit.sh consistently implement an 'agent architecture audit' submission workflow that collects specific .md files, sanitizes them, and posts them to https://atlasforge.me/api/claw-score/submit. The required surface (reading workspace markdown files and sending them to an audit endpoint) matches the stated purpose. There is no unexpected request for unrelated credentials or binaries.
Instruction Scope
SKILL.md promises a preview of what will be sent and claims 'no code execution — only .md files analyzed.' The bundled submit.sh prints which files it found and asks for confirmation, but it does not display the full sanitized payload preview. The script only reads the listed .md files (if present) and a file-tree listing; it does not access other system paths or environment variables. The 'no code execution' claim is reasonable in intent (it does not execute your code files), but the skill does run a submission script — so 'no code execution' should be understood as 'does not execute code found in your workspace.'
Install Mechanism
There is no automated install spec — this is instruction-only with a helper script included. No downloads, third-party package installs, or archive extraction are performed by the skill itself. Risk from the install mechanism is low.
Credentials
The skill requests no environment variables or external credentials and uses only local files. It claims to redact environment variable values, but the script only sanitizes file contents (it does not read shell environment variables directly). No unrelated secrets are requested by the skill metadata.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges. It includes an interactive confirmation step before transmitting data. The default platform ability for the agent to invoke the skill autonomously applies, but there is no 'always: true' or other elevated persistence requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install claw-score - 安装完成后,直接呼叫该 Skill 的名称或使用
/claw-score触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Claw Score 1.0.0 – Initial Release
- Automates agent architecture audits with secure packaging and submission of configuration files.
- Automatically sanitizes sensitive data (credentials, PII) before submission.
- Supports submission via simple natural-language commands; user receives an email report within 24-48 hours.
- Provides a detailed audit report including a Claw Score, per-dimension analysis, recommendations, and quick wins.
- Ensures privacy: no code execution, data used only for auditing, and transparent file preview before sending.
元数据
常见问题
Claw Score 是什么?
Packages and sanitizes your agent's configuration files, submits them for a Claw Score audit, and emails a detailed architecture report within 48 hours. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 884 次。
如何安装 Claw Score?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install claw-score」即可一键安装,无需额外配置。
Claw Score 是免费的吗?
是的,Claw Score 完全免费(开源免费),可自由下载、安装和使用。
Claw Score 支持哪些平台?
Claw Score 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Claw Score?
由 jonnyfmiller(@jonnyfmiller)开发并维护,当前版本 v1.0.0。
推荐 Skills