Elasticsearch Openclaw

Author: Alex Salgado · v1.1.1
Platforms: linux, darwin, win32 · ⚠ suspicious
Total downloads: 547 · Favorites: 0 · Current installs: 1 · Versions: 5
Install in OpenClaw:
/install elasticsearch-openclaw
Description
Read-only Elasticsearch 9.x reference for AI-orchestrated search and analytics. SECURITY: This skill provides documentation for read-only operations only (se...
Usage instructions (SKILL.md)

Elasticsearch OpenClaw 🔍

Modern Elasticsearch 9.x patterns for AI-orchestrated applications.

🔒 Security Model: Read-Only by Design

This skill provides documentation for read-only operations only: search, aggregations, and analytics. No write operations (indexing, updates, deletions) are included or executed by the agent.

Note: This skill requires external credentials (Elasticsearch API key) to function. ClawHub security scanners may flag this as "suspicious" — this is expected for skills that integrate with external services. All code is transparent markdown documentation. Review before granting credentials.

Quick Start — Local Dev

For local Elasticsearch 9.x setup with Kibana, use the official start-local tool:

Once running:

  • Elasticsearch: http://localhost:9200
  • Kibana: http://localhost:5601
  • Credentials: elastic-start-local/.env

Auth — Always Use API Keys

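# Test connection (shell)
curl -s "$ELASTICSEARCH_URL" -H "Authorization: ApiKey $ELASTICSEARCH_API_KEY"

# Python client 9.x: read the URL and key from the environment, never hardcode them
import os
from elasticsearch import Elasticsearch
es = Elasticsearch(os.environ["ELASTICSEARCH_URL"], api_key=os.environ["ELASTICSEARCH_API_KEY"])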

Reference Files

Load these only when needed — do not load all at once:

| File | Load when... |
|---|---|
| references/semantic-search.md | Setting up JINA, semantic_text, inference endpoint |
| references/vector-search.md | kNN queries, dense_vector mapping, hybrid search with RRF |
| references/classic-patterns.md | Mapping design, boolean queries, aggregations, pagination |
| references/python-client-9.md | Python elasticsearch 9.x — no body=, keyword args, type hints |

When to Use Each Pattern

User asks about meaning / intent / "find products like X"
  → semantic_text + semantic query  →  references/semantic-search.md

User needs exact match + semantic combined
  → hybrid search (RRF)            →  references/vector-search.md

User asks about mapping, field types, analyzers, aggregations
  → classic patterns                →  references/classic-patterns.md

User uses Python elasticsearch library
  → always check                    →  references/python-client-9.md

Security Best Practices

  • Always use API keys over username/password
  • Scope API keys to specific indices and minimal privileges
  • For read-only OpenClaw access: privileges: ["read", "view_index_metadata"]
  • Store credentials in .env, never hardcode in scripts
  • .env always in .gitignore

POST /_security/api_key
{
  "name": "openclaw-readonly",
  "role_descriptors": {
    "reader": {
      "indices": [{ "names": ["my-index"], "privileges": ["read"] }]
    }
  }
}

// Response:
{
  "id": "VuaCfGcBCdbkQm-e5aOx",
  "name": "openclaw-readonly",
  "api_key": "ui2lp2axTNmsyakw9tvNnw",
  "encoded": "VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw=="
}

⚠️ Save the encoded field from the response immediately — it cannot be retrieved later.
Add to: ~/.openclaw/workspace-[name]/.env as ELASTICSEARCH_API_KEY

Security usage recommendations
This skill mostly contains documentation and is low risk to install, but there are important contradictions you should understand before providing credentials. The files include examples that create API keys, indices, inference endpoints, ingest pipelines, and index documents — all of which are write operations requiring privileges beyond read-only. If you want only read/query capabilities: (1) do NOT supply cluster-admin credentials — create and supply a dedicated read-only API key scoped to the specific indices with privileges like ["read","view_index_metadata"]; (2) avoid giving keys that can create API keys or modify indices; (3) review the referenced files and remove or ignore the PUT/POST examples that perform writes; (4) note the skill's metadata inconsistencies (env vars mentioned in docs but not in registry) and prefer explicit communication from the author if you need to trust this skill for automated use. If you plan to let the agent act autonomously, require least-privilege credentials and consider disabling autonomous invocation or auditing actions until you trust behavior.
Functional analysis
Type: OpenClaw Skill
Name: elasticsearch-openclaw
Version: 1.1.1
The skill bundle provides documentation and code examples for read-only Elasticsearch 9.x operations, focusing on search and analytics. It explicitly states its read-only nature and consistently adheres to it across all files. While it requires external API keys (ELASTICSEARCH_API_KEY, JINA_API_KEY), this is necessary for its stated purpose, and the skill provides clear instructions for secure handling (least-privilege API keys, environment variables, .gitignore). There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts designed to harm the agent or user. All external network calls are to the Elasticsearch cluster and Jina AI, which are integral to the skill's functionality.
Capability assessment
Purpose & Capability
The skill's name and description claim a read-only reference for Elasticsearch 9.x, which justifies needing ELASTICSEARCH_URL and a read-only API key. However, parts of the content (examples and reference files) show write/create operations (POST /_security/api_key, PUT my-index, PUT _inference, PUT _ingest/pipeline, POST my-index/_doc). Creating API keys or inference endpoints requires elevated privileges that are not consistent with a pure read-only documentation skill. Also the top-level registry metadata listed no required env vars while SKILL.md metadata declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY — an internal inconsistency.
Instruction Scope
SKILL.md and the reference files explicitly include commands that mutate cluster state: creating API keys (POST /_security/api_key), index mappings (PUT my-index), creating inference endpoints (PUT _inference), ingest pipelines (PUT _ingest/pipeline), and indexing documents (POST my-index/_doc). These go beyond read-only search/aggregation examples and could lead an agent to perform privileged operations if given sufficient credentials. The docs also reference additional secrets (JINA_API_KEY) in examples that aren't declared in the skill metadata.
Install Mechanism
This is an instruction-only skill with no install spec or code to write to disk, and requires no package downloads. That minimizes installation risk.
Credentials
SKILL.md declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY (base64) which are expected for an ES integration. However: (1) the registry summary initially showed no required env vars (metadata mismatch); (2) the Python reference and env examples mention JINA_API_KEY (an additional external API key) but it's not declared in SKILL.md metadata as required — this is inconsistent and could lead to unexpected requests for secrets; (3) creating API keys (included as an example) requires privileges beyond a typical read-only API key, so granting cluster-level credentials to follow sample steps would be disproportionate.
Persistence & Privilege
The skill does not request 'always: true' or any special persistent installation. It instructs users to store the encoded API key in ~/.openclaw/workspace-[name]/.env, which is a normal workspace pattern. Still, because the docs include API-key creation steps, giving the skill credentials that allow API-key creation or index writes would expand its effective privileges — be careful to only provide a least-privilege read-only API key if you intend only read operations. Autonomous invocation is permitted by default (disable-model-invocation: false) but that alone is not flagged; combined with the write instructions it increases the blast radius if over-privileged credentials are provided.
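The mismatch this assessment describes (a read-only claim next to request examples that mutate cluster state) can be checked mechanically before any credentials are granted. The following is an added example, not code from the skill or from the marketplace scanner: the `READ_ONLY_POST` allowlist is an assumption of this example, and the sample document is constructed from the request lines the assessment names.

```python
import re

# Assumption for this example: a POST counts as read-only only when it targets
# one of these query endpoints; every other POST, and all PUT/DELETE/PATCH
# requests, are treated as writes.
READ_ONLY_POST = {"_search", "_count", "_msearch", "_field_caps"}

# Console-style request line at the start of a line, e.g. "PUT my-index".
# Case-sensitive on purpose so prose such as "Put the key in .env" is ignored.
REQUEST_LINE = re.compile(r"^\s*(GET|HEAD|POST|PUT|DELETE|PATCH)\s+(\S+)")


def classify(method, path):
    """Return 'read' or 'write' for one Elasticsearch request line."""
    if method in ("GET", "HEAD"):
        return "read"
    # Last path segment, without query string or trailing slash.
    last = path.split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1]
    if method == "POST" and last in READ_ONLY_POST:
        return "read"
    return "write"


def audit(doc_text):
    """List (line number, method, path) for every mutating request in a doc."""
    findings = []
    for lineno, line in enumerate(doc_text.splitlines(), 1):
        m = REQUEST_LINE.match(line)
        if m and classify(m.group(1), m.group(2)) == "write":
            findings.append((lineno, m.group(1), m.group(2)))
    return findings


# Constructed sample: two search requests plus the write requests listed in
# the assessment above.
SAMPLE_DOC = """\
GET my-index/_search
POST my-index/_search
POST /_security/api_key
PUT my-index
PUT _inference
PUT _ingest/pipeline
POST my-index/_doc
"""

if __name__ == "__main__":
    for lineno, method, path in audit(SAMPLE_DOC):
        print(f"line {lineno}: {method} {path} mutates cluster state")
```

Any finding means the documentation contains steps that a key limited to ["read", "view_index_metadata"] cannot perform, so an agent following them would need broader credentials than the skill's stated model.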
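How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install elasticsearch-openclaw
  3. Once installation completes, invoke the skill by name or trigger it with /elasticsearch-openclaw
  4. Provide the required inputs according to the skill's parameter description to get structured output
Version history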
v1.1.1
Security improvements: remove curl dependency, clarify read-only nature, add security note
v1.1.0
Remove curl | sh to address security flag
v1.0.2
Read-only enforcement: removed all write operations (bulk indexing, index management). Removed ELSER (JINA only). Added API key response example, clarified .env paths, improved classic patterns with text/keyword examples, nested aggregation, better PIT definition, and shard sizing explanation. Addresses review feedback.
v1.0.1
Security improvements: Added explicit read-only security model, API key privilege recommendations, and transparency note about Elastic's official install script
v1.0.0
Initial release: ES 9.x semantic search, vector search, hybrid search with RRF, Python client patterns
Metadata
Slug: elasticsearch-openclaw
Version: 1.1.1
License:
Total installs: 1
Current installs: 1
Number of versions: 5
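FAQ

What is Elasticsearch Openclaw?

Read-only Elasticsearch 9.x reference for AI-orchestrated search and analytics. SECURITY: This skill provides documentation for read-only operations only (se... It is an AI agent skill plugin for Claude Code / OpenClaw, with 547 total downloads to date.

How do I install Elasticsearch Openclaw?

Run the command "/install elasticsearch-openclaw" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.

Is Elasticsearch Openclaw free?

Yes, Elasticsearch Openclaw is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Elasticsearch Openclaw support?

Elasticsearch Openclaw is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (linux, darwin, win32).

Who developed Elasticsearch Openclaw?

It is developed and maintained by Alex Salgado (@salgado); the current version is v1.1.1.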
