← 返回 Skills 市场
532
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install grago
功能描述
Delegate web and API data fetching to local LLMs for research tasks, saving tokens and keeping data private while using your local machine for analysis.
使用说明 (SKILL.md)
Grago
Delegate research and data-fetch tasks to a free local LLM. Save tokens. Use your machine.
Grago bridges the gap between your OpenClaw agent and local LLMs (Ollama, llama.cpp, etc.) that can't use tools natively. It runs shell scripts to fetch live data from the web, APIs, and local files — then pipes the results into your local model with a focused prompt.
Your cloud model stays sharp. Your local machine does the grunt work. Your token bill drops.
⚠️ Security Model
Grago executes shell commands. This is intentional — it's the only way to give tool-less local LLMs access to external data.
Safe for: Trusted, single-user environments (your own Mac Mini, VPS, workstation)
NOT safe for: Multi-tenant systems, public APIs, untrusted agents
If your OpenClaw agent is compromised via prompt injection, Grago can execute arbitrary commands. This is the trade-off for free local compute. Read SECURITY.md in the repo for full details.
When to Use This Skill
Use Grago when:
- You need live data fetched (web pages, APIs, RSS feeds, logs)
- The task is research-heavy and doesn't need your primary model
- You want to keep data on your own machine (privacy)
- You want to save tokens by offloading analysis to a local LLM
How It Works
- Fetch — Shell scripts pull live data (curl, jq, grep, etc.)
- Analyze — Results are piped to your local Ollama model with a prompt
- Return — Structured analysis comes back to your OpenClaw agent
Usage
# Fetch a URL and analyze locally
grago fetch "https://example.com" \
--analyze "Summarize the key points" \
--model gemma2
# Multi-source research from a YAML config
grago research \
--sources sources.yaml \
--prompt "What are the main themes across these sources?"
# Pipe any shell command into your local model
grago pipe \
--fetch "curl -s https://api.example.com/data" \
--transform "jq .results" \
--analyze "Identify trends and flag outliers"
Configuration
Config file: ~/.grago/config.yaml
default_model: gemma2 # Your preferred Ollama model
timeout: 30 # Seconds per fetch
max_input_chars: 16000 # Input truncation limit
output_format: markdown # markdown | json | text
Requirements
- Ollama installed and running locally (install.sh handles this)
- At least one model pulled in Ollama (gemma2, mistral, llama3, etc.)
- bash, curl, jq
Installation
git clone https://github.com/solsuk/grago.git
cd grago && ./install.sh
Notes for the Agent
- Prefer
pipemode overfetch --analyzefor reliability (avoids Ollama TTY spinner issues) - Default model is whatever is set in
~/.grago/config.yaml; override per-call with--model - Input is truncated to
max_input_charsbefore being sent to the local model - Local model responses can be slow (5–30s depending on hardware and model size) — this is expected
- Grago is for research and fetch delegation — not for tasks requiring your primary model's reasoning
安全使用建议
Grago is coherent with its stated goal but deliberately runs arbitrary shell commands and can read local files — this makes it dangerous on shared or untrusted machines. Only install and run Grago on devices you fully control (personal Mac/VPS/workstation). Before installing: review install.sh (it may run ollama's remote install script), inspect grago.sh for eval usage, and ensure no sensitive files or credentials are reachable from sources.yaml or from commands you allow the agent to run. Do not use on multi-tenant systems, public-facing agents, or machines containing secrets you can't afford to expose. If you need narrower, safer behavior, prefer a tool that uses explicit, whitelisted HTTP calls rather than eval-ing shell commands.
功能分析
Type: OpenClaw Skill
Name: grago
Version: 1.0.1
The skill is classified as suspicious due to its intentional design allowing arbitrary shell command execution and file system access. The `grago.sh` script extensively uses `eval` on user-provided or configuration-derived strings (e.g., `--transform`, `--fetch` arguments, `sources.yaml` `transform` fields) and allows reading/writing arbitrary local files (`cmd_research`). While the `SKILL.md`, `README.md`, and `SECURITY.md` files explicitly document these as intentional features necessary for the skill's functionality and warn about the severe security implications (e.g., RCE via prompt injection if the agent is compromised), these capabilities represent significant vulnerabilities that could be leveraged for malicious purposes by a compromised agent. The `install.sh` script also downloads and executes a remote script from `ollama.ai`, which is a supply chain risk, though common for software installation.
能力评估
Purpose & Capability
The name/description (delegate web/API fetches to local LLMs) match the code and instructions: the scripts fetch URLs, read files, transform data, and send results to a local Ollama model. The installer pulls Ollama and a model as described. Requested capabilities are proportional to the declared purpose.
Instruction Scope
SKILL.md and grago.sh allow execution of arbitrary shell commands (cmd_pipe uses eval on fetch/transform commands; cmd_fetch and cmd_research run transforms via eval). The research flow can read arbitrary file paths from sources.yaml (cat $path). These behaviors are explicitly documented in SECURITY.md, but they mean the skill can access files and run commands beyond narrow fetch tasks — so it must only be used in trusted, single-user environments.
Install Mechanism
There is no packaged install spec in the registry, but install.sh runs an installer: on macOS it uses brew to install Ollama; on other OSes it runs curl -fsSL https://ollama.ai/install.sh | sh. Pulling models via ollama pull is expected. Using an official vendor URL (ollama.ai) is reasonable, but piping a remote install script to sh is higher-risk than packaged installs and should be inspected before running.
Credentials
The skill declares no required env vars or credentials, and the code does not require external secrets. However, sources.yaml examples in README show header values like Authorization: "Bearer ${API_KEY}", implying users may expose env-based secrets via sources config; the skill does not declare or manage those. The script reads arbitrary file paths and could expose local secrets if sources.yaml is used unsafely. This is consistent with the tool's purpose but worth caution.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. Installer writes to typical per-user locations (~/.grago, ~/.local/bin or /usr/local/bin) and copies SKILL.md into OpenClaw workspace if present. It does not modify other skills or global agent settings beyond installing its files.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install grago - 安装完成后,直接呼叫该 Skill 的名称或使用
/grago触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Added security documentation explaining intentional command execution design
v1.0.0
Initial release: Local LLM bridge for OpenClaw
元数据
常见问题
Grago 是什么?
Delegate web and API data fetching to local LLMs for research tasks, saving tokens and keeping data private while using your local machine for analysis. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 532 次。
如何安装 Grago?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install grago」即可一键安装,无需额外配置。
Grago 是免费的吗?
是的,Grago 完全免费(开源免费),可自由下载、安装和使用。
Grago 支持哪些平台?
Grago 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Grago?
由 solsuk(@solsuk)开发并维护,当前版本 v1.0.1。
推荐 Skills