← 返回 Skills 市场
tatsuko-tsukimi

Clawtrap Skill

作者 TatsuKo Tsukimi · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
101
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install clawtrap
功能描述
Launch ClawTrap maze game where an AI villain reads the player's local files and memories to build personalized trials and taunts.
使用说明 (SKILL.md)

When to Use

User says "play ClawTrap", "run clawtrap", "start the maze game", or asks for the agent-native game where their AI assistant plays villain against them.

Setup (one-time)

The game is not bundled in this skill. Clone and install:

git clone https://github.com/TatsuKo-Tsukimi/ClawTrap.git ~/ClawTrap
cd ~/ClawTrap && npm install

Launch

cd ~/ClawTrap && node server.js
# then open http://localhost:3000

OpenClaw users get zero-config auth via auth-profiles.json. For other providers, set ANTHROPIC_API_KEY, or OPENAI_API_KEY + API_BASE, before launch. Docker: docker compose up --build.

Warnings to Surface Before First Run

  • Token cost: every card, trial, and villain monologue is a live LLM call. The background archivist (file analysis + fact extraction) is especially heavy. Point MAZE_MODEL at a cheaper model in .env to reduce spend.
  • Local file access: the game scans the player's workspace (SOUL.md, MEMORY.md, documents, images) with their permission to craft personalized attacks. All data stays local — nothing leaves the machine except LLM calls to the provider the player configured.
  • Model-dependent quality: tested mainly with Claude and Codex. Stronger model = better game (follows the bitter lesson of minimal hardcoded constraints).

Data Storage

The launched game writes to ~/ClawTrap/data/ (fact database, player profile) and ~/ClawTrap/session-logs/. Both are .gitignored in the upstream repo. This skill itself does not write files.

Acting as the Villain Yourself

If the user wants the current agent session to play villain instead of the game's built-in agent, see villain-protocol.md for the role spec. Connect via AGENT_URL=http://localhost:\x3Cport> node server.js or via the bundled MCP adapter (mcp-server.js).

Related

安全使用建议
This skill asks you (or the agent) to clone and run a third-party Node app that will read files from your workspace and include them in LLM calls. Before installing or running it: 1) Inspect the upstream repository (especially server.js and the code that reads SOUL.md / MEMORY.md) to see exactly which files are read and what is sent to the LLM. 2) Do not provide unrestricted LLM API keys without limiting scope and billing safeguards; sent memories may be retained by the provider. 3) Run the game in an isolated environment (VM or container) if you must try it. 4) If you value privacy, avoid pointing the game at any real 'memory' files or sensitive documents. 5) Ask the skill author/maintainer to update registry metadata to declare the actual required env vars and config paths — the current omission is a red flag.
功能分析
Type: OpenClaw Skill Name: clawtrap-skill Version: 1.0.0 The skill clawtrap-skill (SKILL.md) instructs the agent to clone an external repository (https://github.com/TatsuKo-Tsukimi/ClawTrap) and execute code via 'npm install' and 'node server.js', which is a high-risk execution pattern. Additionally, the skill's stated purpose involves scanning sensitive local files, including documents, images, and memory files (SOUL.md/MEMORY.md), to feed into an LLM for a 'villain' roleplay mechanic. While the intent is presented as a game, the combination of remote code execution and broad access to personal data for external LLM processing poses a significant security and privacy risk.
能力标签
requires-sensitive-credentials
能力评估
Purpose & Capability
Name/description (a personalized villain game that reads local files and uses LLMs) aligns with the runtime actions, but the skill metadata claims no required env vars/config paths while the SKILL.md explicitly references LLM API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY/API_BASE), MAZE_MODEL, and local data files (SOUL.md, MEMORY.md). The metadata omission is inconsistent and unexplained.
Instruction Scope
SKILL.md instructs cloning a GitHub repo, running npm install and node server.js, and describes the game scanning the player's workspace and injecting memory files into LLM context. It also describes connecting the agent to the game (AGENT_URL). These instructions direct reading potentially sensitive local files and transmitting their contents to external LLM endpoints — scope that goes beyond a simple local 'game wrapper' skill and is not declared in the registry fields.
Install Mechanism
There is no automated install spec in the skill package; instead SKILL.md tells the user/agent to run 'git clone' and 'npm install' from a third‑party GitHub repo. Downloading and running arbitrary Node code via npm is a normal pattern for apps but is high-risk in practice because it executes external code on the machine. The GitHub origin is a known host (not a random shortener), which mitigates some concern but does not remove the execution risk.
Credentials
The registry lists no required env vars, yet runtime docs require LLM API keys and allow configuring MAZE_MODEL; those are fundamental to the game's operation and should be declared. More importantly, the game reads local memory files and (per the doc) sends them as context to LLM providers — this effectively exfiltrates sensitive data to external services and is a high-privilege privacy action that must be explicit and justified.
Persistence & Privilege
The skill is not marked 'always:true' and does not modify other skills. It does, however, instruct creating ~/ClawTrap/data/ and session logs and enables connecting the running game to the agent via AGENT_URL. Combined with file-scanning behavior, autonomous invocation (the platform default) increases the blast radius; this is a noteworthy privacy/security consideration but not a metadata misconfiguration by itself.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install clawtrap
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /clawtrap 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release for ClawTrap v1.5.1
元数据
Slug clawtrap
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Clawtrap Skill 是什么?

Launch ClawTrap maze game where an AI villain reads the player's local files and memories to build personalized trials and taunts. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 101 次。

如何安装 Clawtrap Skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawtrap」即可一键安装,无需额外配置。

Clawtrap Skill 是免费的吗?

是的,Clawtrap Skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Clawtrap Skill 支持哪些平台?

Clawtrap Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Clawtrap Skill?

由 TatsuKo Tsukimi(@tatsuko-tsukimi)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论