Total downloads: 453
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install discord-dual-bot-orchestrator
Description
Set up and operate dual Discord bots on one machine with isolated memory, channel allowlists, mention-gated reviewer bot behavior, optional one-way reviewer-...
Usage instructions (SKILL.md)
Discord Dual Bot Orchestrator
Use placeholders only. Never store real secrets in this skill.
Required placeholders
- BOT_A_NAME
- BOT_B_NAME
- BOT_A_TOKEN
- BOT_B_TOKEN
- BOT_A_ID
- BOT_B_ID
- GUILD_ID
- CHANNEL_ID_LIST (comma-separated)
- BASE_DIR (example: ~/.openclaw/bots)
Workflow
- Create isolated workspaces for bot-a and bot-b.
- Write .env files from template using placeholders.
- Apply channel allowlist policy:
  - Bot-A: primary chat policy
  - Bot-B: requireMention=true on allowlisted channels
- Optional: enable one-way bridge (bot-b -> bot-a) for reviewer feedback.
- Create backup snapshot before each risky iteration.
- If behavior regresses, rollback snapshot and restart both gateways.
Commands
Initialize layout
Run:
scripts/init_dual_bot.sh
Apply policy (placeholder-safe)
Run:
scripts/apply_policy.sh
Backup current state
Run:
scripts/backup_state.sh
Rollback from backup dir
Run:
scripts/rollback_state.sh <BACKUP_DIR>
Guardrails
- Keep BOT_B_TOKEN separate from BOT_A_TOKEN.
- Keep bot-b mention-gated in group channels.
- Never enable bidirectional auto-bridge (avoids reply loops).
- Always backup before patching runtime files.
Security usage recommendations
This skill appears to implement the advertised dual-bot orchestration, but it has two practical concerns you should address before running anything: (1) metadata claims no required credentials while the runtime templates and scripts clearly need bot tokens/IDs and will use values you place into .env files, and (2) the scripts read/write configs under your home directory and the rollback script will overwrite openclaw config files without prompts. Recommendations: inspect every script line-by-line, run in an isolated test account or container (not your real bot/guild), back up existing ~/.openclaw and ~/.openclaw-bot-b manually before using the provided backup/rollback, set BOTB_CONFIG/BASE_DIR/OUT_DIR to test paths to avoid clobbering production files, never commit real tokens into the skill files, and only provide credentials at runtime in the actual bot .env (not in the repo). If the package metadata can be corrected to declare the required credentials and path env vars explicitly, that would reduce ambiguity.
Functional analysis
Type: OpenClaw Skill
Name: discord-dual-bot-orchestrator
Version: 1.0.0
The skill bundle is classified as suspicious due to multiple critical path traversal and arbitrary file write vulnerabilities across all shell scripts. Specifically, `scripts/apply_policy.sh`, `scripts/backup_state.sh`, `scripts/init_dual_bot.sh`, and `scripts/rollback_state.sh` directly use unsanitized environment variables (`BOTB_CONFIG`, `OUT_DIR`, `BASE_DIR`) and user-provided arguments (`BK_DIR` from `<BACKUP_DIR>` placeholder) in file system operations (`Path()`, `mkdir -p`, `cp -f`, `cat >`). This allows an attacker to write to arbitrary file paths, potentially leading to configuration corruption, data disclosure, or even remote code execution by overwriting critical system files.
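The finding above is that `BOTB_CONFIG`, `OUT_DIR`, `BASE_DIR` and the backup directory argument reach `mkdir -p`, `cp -f` and `cat >` unchecked. As an added example (not the skill's own scripts), a guard of this kind can be sourced before running them; the function names and the single allowed root are assumptions made for this example.

```bash
# Added example, not the skill's code: confine the path variables named in the
# scan (BASE_DIR, OUT_DIR, BOTB_CONFIG) to one allowed root before any write.

# resolve_path PATH: print PATH as a physical absolute path. Symlinks are
# resolved in the deepest existing directory; the not-yet-created tail is kept.
resolve_path() {
  local p tail
  p=$1; tail=""
  case $p in /*) ;; *) p=$PWD/$p ;; esac
  case "/$p/" in */../*) return 1 ;; esac     # refuse ".." components outright
  p=${p%/}
  while [ -n "$p" ] && [ ! -d "$p" ]; do       # peel names until a real directory
    tail="/${p##*/}$tail"
    p=${p%/*}
  done
  p=$(cd "${p:-/}" 2>/dev/null && pwd -P) || return 1
  printf '%s%s\n' "${p%/}" "$tail"
}

# path_within ROOT CANDIDATE: succeed (and print the resolved path) only when
# CANDIDATE stays inside ROOT and is not itself a symlink.
path_within() {
  local root cand
  root=$(resolve_path "$1") || return 1
  cand=$(resolve_path "$2") || return 1
  [ ! -L "$cand" ] || return 1
  case "$cand/" in
    "$root"/*) printf '%s\n' "$cand" ;;
    *) return 1 ;;
  esac
}

# check_skill_paths ROOT: fail unless every path variable is set and inside ROOT.
check_skill_paths() {
  local root name val
  root=$1
  for name in BASE_DIR OUT_DIR BOTB_CONFIG; do
    eval "val=\${$name:-}"                      # names come from the fixed list above
    [ -n "$val" ] || { echo "unset: $name" >&2; return 1; }
    path_within "$root" "$val" >/dev/null ||
      { echo "refusing $name=$val (outside $root)" >&2; return 1; }
  done
}
```

The same `path_within` check applies to the `<BACKUP_DIR>` argument before a rollback copies anything over existing config files.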
Capability assessment
Purpose & Capability
The scripts and SKILL.md implement the advertised capabilities (creating isolated workspaces, writing .env templates, applying channel allowlists, backups and rollbacks). However, the package metadata declares no required environment variables or credentials while the runtime instructions and templates clearly rely on bot tokens, IDs, guild/channel IDs, and other placeholders — this mismatch is unexpected and should be clarified.
Instruction Scope
The instructions and scripts operate on configuration files under $HOME (e.g. ~/.openclaw/openclaw.json and ~/.openclaw-bot-b/openclaw.json), create directories in the user's filesystem, and overwrite those files during rollback. apply_policy.sh edits the bot-b JSON config and backup/rollback copy files without additional confirmation. These actions are coherent with the stated purpose but are potentially destructive and broaden the agent's scope to the user's OpenClaw config files.
Install Mechanism
No install spec is provided and included files are simple shell and small Python snippets. There is no external download or archive extraction. Risk from install mechanism is low.
Credentials
The SKILL.md lists many sensitive placeholders (BOT_A_TOKEN, BOT_B_TOKEN, BOT IDs, GUILD_ID, CHANNEL_ID_LIST) and the scripts read environment variables (BOTB_CONFIG, GUILD_ID, CHANNEL_ID_LIST, BASE_DIR, OUT_DIR). Yet the skill metadata declares no required env vars/primary credential. Sensitive tokens are necessary for the skill's function but their handling depends on the user replacing .env.template files; this mismatch and the absence of an explicit credential declaration is a red flag. The scripts also default to standard home paths which can expose or overwrite existing configs if mispointed.
Persistence & Privilege
The skill is not always-enabled and does not install persistent agents. However, its scripts directly modify and restore user config files under $HOME, which is a form of high-impact filesystem privilege. That behaviour is consistent with its purpose but increases blast radius if run unintentionally or with incorrect paths.
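How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install discord-dual-bot-orchestrator
- After installation, call the Skill by name or use /discord-dual-bot-orchestrator to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output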
Version history
v1.0.0
Initial public release (placeholder-safe, no personal info)
FAQ
What is Discord Dual Bot Orchestrator?
Set up and operate dual Discord bots on one machine with isolated memory, channel allowlists, mention-gated reviewer bot behavior, optional one-way reviewer-... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 453 cumulative downloads so far.
How do I install Discord Dual Bot Orchestrator?
Run the command "/install discord-dual-bot-orchestrator" in the OpenClaw or Claude Code chat box for a one-step install, with no additional configuration required.
Is Discord Dual Bot Orchestrator free?
Yes, Discord Dual Bot Orchestrator is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does Discord Dual Bot Orchestrator support?
Discord Dual Bot Orchestrator runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).
Who developed Discord Dual Bot Orchestrator?
It is developed and maintained by nbdxrycyl (@nbdxrycyl); the current version is v1.0.0.