← 返回 Skills 市场
bytesagain1

Consent

作者 bytesagain1 · GitHub ↗ · v2.0.1 · MIT-0
cross-platform ⚠ suspicious
330
总下载
0
收藏
1
当前安装
5
版本数
在 OpenClaw 中安装
/install consent
功能描述
Build cookie consent banners and track opt-in compliance status. Use when implementing GDPR consent, auditing cookies, generating privacy banners.
使用说明 (SKILL.md)

Consent

Security toolkit for managing consent records — generate tokens, check strength, rotate credentials, audit logs, store and retrieve entries, manage policies, and produce compliance reports. All data stays local.

Commands

Command Description
consent generate \x3Cinput> Generate a new entry and log it
consent check-strength \x3Cinput> Check strength of a given input and record the result
consent rotate \x3Cinput> Rotate a credential or token and log the change
consent audit \x3Cinput> Record an audit entry for compliance tracking
consent store \x3Cinput> Store a value securely in the local data log
consent retrieve \x3Cinput> Retrieve a previously stored value
consent expire \x3Cinput> Mark an entry as expired
consent policy \x3Cinput> Record or update a policy entry
consent report \x3Cinput> Generate a report entry for review
consent hash \x3Cinput> Hash a value and store the result
consent verify \x3Cinput> Verify a value against stored records
consent revoke \x3Cinput> Revoke a previously granted consent or credential
consent stats Show summary statistics: entry counts, data size, first activity date
consent export \x3Cfmt> Export all data in json, csv, or txt format
consent search \x3Cterm> Search across all logs for a keyword
consent recent Show the 20 most recent activity entries
consent status Health check: version, data dir, entry count, disk usage, last activity
consent help Show help with all available commands
consent version Show current version

Command Behavior

  • With arguments: Each command logs the input with a timestamp to its own dedicated log file (e.g., generate.log, audit.log)
  • Without arguments: Each command displays the 20 most recent entries from its log file

Data Storage

  • Default data directory: ~/.local/share/consent/
  • Per-command logs: $DATA_DIR/\x3Ccommand>.log (e.g., generate.log, audit.log, store.log)
  • History log: $DATA_DIR/history.log — master timeline of all activity
  • Export files: $DATA_DIR/export.\x3Cfmt> — generated by the export command
  • All data is local plain-text. No network calls, no cloud sync.

Requirements

  • Bash 4+ (uses set -euo pipefail)
  • No external dependencies or API keys required
  • Works entirely offline — your data stays on your machine

When to Use

  1. Tracking consent and compliance — Record who consented to what and when with store, audit, and policy for a simple compliance trail
  2. Credential rotation logging — Use rotate and expire to log when credentials were changed or invalidated
  3. Security auditing — Run audit entries and pull report data to review security posture over time
  4. Exporting compliance data — Use export json or export csv to produce machine-readable records for external auditing tools
  5. Quick lookups and verification — Search across all logs with search or verify specific entries with verify and hash

Examples

# Store a consent record
consent store "user:alice accepted terms-of-service v2.1"

# Audit a policy change
consent audit "updated data retention policy to 90 days"

# Generate a new token entry
consent generate "api-key-prod-2025"

# Rotate a credential and log it
consent rotate "db-password-main rotated"

# Check strength of a passphrase
consent check-strength "my-complex-passphrase-2025!"

# Export all data as JSON
consent export json

# Search across all logs
consent search "alice"

# View summary statistics
consent stats

# Health check
consent status

# Show recent activity
consent recent

How It Works

Each domain command (generate, audit, store, etc.) maintains its own log file in the data directory. Entries are stored as timestamp|value lines. The stats command aggregates counts across all log files. The export command merges all logs into a single file in your chosen format. Every action is also recorded in history.log as a master audit trail.

Tips

  • Run any command without arguments to see its recent entries — great for quick review
  • Use consent recent to see a timeline of all activity across all commands
  • Pipe exports to other tools: consent export csv && cat ~/.local/share/consent/export.csv | head
  • Combine search with grep for complex queries: consent search "2025" | grep "policy"
  • Run consent help at any time for the full command reference

Powered by BytesAgain | bytesagain.com | [email protected]

安全使用建议
This skill is internally consistent and appears to be a simple, offline consent/audit logger. Important cautions before installing or using it: - Data is stored as plain text under ~/.local/share/consent (per-command .log files and history.log). Do not store production secrets, unencrypted passwords, or sensitive PII there. - Exports merge all logs into single files (export.*) and will include everything logged — treat those files as sensitive. - Consider hardening: set the data directory to restrictive permissions (chmod 700), run in a limited account or container, and avoid logging raw secrets. If you need secure storage, use an encrypted store or modify the script to encrypt entries at rest (or to not capture secrets). - The script appears to make no network calls, requests no credentials, and contains no obfuscated code, but you should still inspect the bundled script before running and consider running in an isolated environment if you have high-sensitivity data needs.
功能分析
Type: OpenClaw Skill Name: consent Version: 2.0.1 The 'consent' skill is a deceptive utility that claims to provide security functions like hashing, credential rotation, and secure storage, but the implementation in 'scripts/script.sh' simply records all inputs as plain text in local log files. Commands like 'hash', 'rotate', and 'store' (which SKILL.md claims stores values 'securely') do not perform any cryptographic operations and instead save raw input strings to '~/.local/share/consent/'. While no evidence of data exfiltration or remote code execution was found, the tool is highly misleading and could lead to the accidental exposure of sensitive information.
能力评估
Purpose & Capability
Name/description align with required artifacts and behavior: the skill provides local commands for recording consent, audits, token rotation logs, exporting, and searching. Nothing requested (no env vars, no external binaries) is out of scope for a local consent logger.
Instruction Scope
SKILL.md and the script instruct the agent/user to write and read timestamped plain-text log entries under ~/.local/share/consent. There are no instructions to read unrelated files or call external endpoints, but many commands will record arbitrary input (including credentials or PII) verbatim into logs and history.log.
Install Mechanism
There is no install spec (instruction-only skill) and only a bundled Bash script. No remote downloads or package installs are requested.
Credentials
The skill requires no environment variables, credentials, or config paths beyond creating and using a local data directory — proportional to its stated purpose.
Persistence & Privilege
always is false and the skill does not request elevated or global agent privileges. It writes only to its own data dir (~/.local/share/consent) and does not modify other skills or system-wide agent configs.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install consent
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /consent 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.1
update
v2.0.0
v2.5 standard: Use-when desc, homepage, source, security fix
v1.0.2
retry-fix-token
v1.0.1
old template -> domain-specific v2.0.0
v1.0.0
Initial release
元数据
Slug consent
版本 2.0.1
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 5
常见问题

Consent 是什么?

Build cookie consent banners and track opt-in compliance status. Use when implementing GDPR consent, auditing cookies, generating privacy banners. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 330 次。

如何安装 Consent?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install consent」即可一键安装,无需额外配置。

Consent 是免费的吗?

是的,Consent 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Consent 支持哪些平台?

Consent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Consent?

由 bytesagain1(@bytesagain1)开发并维护,当前版本 v2.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论