← 返回 Skills 市场
gog-safety
作者
BrennerSpear
· GitHub ↗
· v1.0.1
380
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install gog-safety
功能描述
Build and deploy safety-profiled gogcli binaries with compile-time command removal. Use when setting up gog for an AI agent with restricted permissions — cho...
使用说明 (SKILL.md)
gog Safety Profiles
Build and deploy gog binaries with compile-time command removal. Commands that are disabled don't exist in the binary — no runtime bypass possible.
Quick Start
1. Choose a safety level
| Level | Use case | Can send email/chat? |
|---|---|---|
| L1 | Email triage, drafting, inbox organization | No |
| L2 | L1 + commenting, RSVP, collaborative work | No |
| L3 | Full write access, no dangerous admin ops | Yes |
For full details: references/levels.md
2. Build
# Build for current platform
./scripts/build-gog-safe.sh L1
# Cross-compile for Linux ARM64 (e.g., AWS Graviton)
./scripts/build-gog-safe.sh L1 --arch arm64 --os linux
# Custom output
./scripts/build-gog-safe.sh L2 --output /tmp/gog-l2
Requires: Go 1.22+, git. First run clones the PR #366 branch (~30s).
3. Deploy
# Deploy to a remote host via SSH
./scripts/deploy-gog-safe.sh spock /tmp/gogcli-safety-build/bin/gog-l1-safe
# Deploy with verification (tests blocked + allowed commands)
./scripts/deploy-gog-safe.sh spock /tmp/gogcli-safety-build/bin/gog-l1-safe --verify
The deploy script:
- Backs up the existing
gogasgog-backup - Installs the new binary
- Verifies version output
- Optionally tests that blocked commands are gone and allowed commands work
4. Rollback
ssh \x3Chost> 'sudo mv /usr/local/bin/gog-backup /usr/local/bin/gog'
How It Works
Uses gogcli's compile-time safety profiles feature (PR #366 on steipete/gogcli). A YAML file specifies which commands are enabled (true) or removed (false). The build system generates Go source files with only the enabled commands, then compiles. The resulting binary's version is tagged with -safe.
YAML Profiles
In references/:
l1-draft.yaml— Draft & Organizel2-collaborate.yaml— Draft & Collaboratel3-standard.yaml— Full Write (No Admin)
Custom profiles: copy any YAML, edit the true/false flags, pass to build-gog-safe.sh.
Verification
After deployment, verify with:
ssh \x3Chost> "gog --version" # Should show -safe suffix
ssh \x3Chost> "gog gmail send --help 2>&1" # Should fail (L1/L2)
ssh \x3Chost> "gog gmail drafts create --help" # Should work (all levels)
Known Edge Cases
- Filter forwarding:
gmail settings filters createis allowed at L1+ for inbox organization. A filter with a forward action could auto-forward email. Accepted risk for v1. - Drive sharing:
drive shareis allowed at L1+ because sharing grants access without sending a message notification. The shared user sees it in "Shared with me" but doesn't get an email.
安全使用建议
This skill appears to do what it says (build and deploy safety‑profiled gog binaries) but before using it: 1) verify the upstream repository and branch being cloned (https://github.com/drewburchfield/gogcli-safe.git, branch feat/safety-profiles) actually contains the intended PR/patch — the SKILL.md refers to steipete/gogcli#366 so confirm the fork is trustworthy or prefer the official upstream commit/hash; 2) inspect the cloned code, especially cmd/gen-safety and any build scripts, because the build runs 'go run' (i.e., executes code from that repo) and could run arbitrary actions on your build machine; 3) run builds in an isolated environment (container/VM) and only deploy binaries you have reviewed; 4) ensure the deploying user has appropriate sudo/backup procedures on target hosts (deploy will overwrite /usr/local/bin/gog and creates gog-backup); and 5) update any registry metadata or provenance notes to declare required tools (git, Go) and the exact upstream commit/URL you reviewed. If you cannot or will not review the upstream source, treat this as higher risk and avoid running the build on sensitive hosts.
功能分析
Type: OpenClaw Skill
Name: gog-safety
Version: 1.0.1
This skill bundle automates the compilation and remote deployment of a modified 'gogcli' binary, which involves high-risk operations such as replacing system-level binaries in /usr/local/bin via SSH and sudo (scripts/deploy-gog-safe.sh). While the stated purpose is to enhance safety by removing dangerous commands at compile-time, the build script (scripts/build-gog-safe.sh) fetches source code from a third-party fork (github.com/drewburchfield/gogcli-safe.git) rather than the official upstream repository. This creates a significant supply chain risk where a backdoored version of a tool with access to Google Workspace data could be deployed under the guise of a security hardening measure.
能力评估
Purpose & Capability
The name/description (build+deploy safety-profiled gog binaries) matches the included scripts, YAML profiles, and SKILL.md instructions. One mismatch: registry metadata lists no required binaries, but SKILL.md and scripts explicitly require git and Go (Go 1.22+) and use ssh/scp for deployment. Those tools are reasonable for the stated purpose but should be declared.
Instruction Scope
Instructions and scripts stay within the declared goal: choosing a YAML profile, injecting it into a gogcli checkout, running a code generator (go run ./cmd/gen-safety), building the binary, and deploying via scp/ssh. However, the build step runs code from the cloned repository (go run), which means arbitrary code in that repo will execute on the builder machine — this is expected for a source build but is a notable risk that requires review of the upstream source before running.
Install Mechanism
There is no packaged install spec; the scripts clone an external repository (UPSTREAM_REPO=https://github.com/drewburchfield/gogcli-safe.git, branch feat/safety-profiles) and run code from it. The SKILL.md references steipete/gogcli PR #366 but the clone target is a different fork/URL, which is a potential coherence issue: either a mirror or an unverified fork. Cloning and executing code from an external/unverified repo is the highest‑risk install pattern here and should be reviewed.
Credentials
The skill does not request environment variables or credentials. Deployment uses ssh/scp and remote sudo to replace /usr/local/bin/gog, which is proportionate but requires privileged access on remote hosts. There is no evidence the skill tries to access unrelated credentials or local config paths, but building executes upstream code (see instruction_scope) which could access the builder environment if malicious.
Persistence & Privilege
always is false and the skill does not request persistent platform-level privileges. The deploy script replaces a system binary on remote hosts (requires sudo there) which is expected for installing a CLI binary; no self-modifying or cross-skill config changes are present.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gog-safety - 安装完成后,直接呼叫该 Skill 的名称或使用
/gog-safety触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Remove Tycho branding from profile names and references
v1.0.0
Initial release — compile-time safety profiles for gogcli (L1/L2/L3)
元数据
常见问题
gog-safety 是什么?
Build and deploy safety-profiled gogcli binaries with compile-time command removal. Use when setting up gog for an AI agent with restricted permissions — cho... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 380 次。
如何安装 gog-safety?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gog-safety」即可一键安装,无需额外配置。
gog-safety 是免费的吗?
是的,gog-safety 完全免费(开源免费),可自由下载、安装和使用。
gog-safety 支持哪些平台?
gog-safety 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 gog-safety?
由 BrennerSpear(@brennerspear)开发并维护,当前版本 v1.0.1。
推荐 Skills