christiancattaneo

ipeaky

Author: christiancattaneo · GitHub · v3.2.0
cross-platform ⚠ suspicious
Total downloads: 823
Favorites: 0
Current installs: 1
Versions: 8
Install in OpenClaw
/install ipeaky
Description
Secure API key management for OpenClaw. Store, list, test, and delete API keys without exposing them in chat history. Keys are stored directly in openclaw.js...
Usage instructions (SKILL.md)

ipeaky — Secure API Key Management

Keys are stored directly in OpenClaw's native config (openclaw.json) via gateway config.patch. This means every skill that declares primaryEnv automatically picks up the key — zero manual wiring.

Key Map — Service to Config Path

| Service | Config Path | primaryEnv |
|---|---|---|
| OpenAI | skills.entries.openai-whisper-api.apiKey | OPENAI_API_KEY |
| ElevenLabs | skills.entries.sag.apiKey | ELEVENLABS_API_KEY |
| Brave Search | tools.web.search.apiKey | BRAVE_API_KEY |
| Gemini | skills.entries.nano-banana-pro.apiKey | GEMINI_API_KEY |
| Google Places | skills.entries.goplaces.apiKey | GOOGLE_PLACES_API_KEY |
| Notion | skills.entries.notion.apiKey | NOTION_API_KEY |
| ElevenLabs Talk | talk.apiKey | (direct) |
| Custom skill | skills.entries.<skill-name>.apiKey | (per skill) |
| Custom env | skills.entries.<skill-name>.env.<VAR_NAME> | (arbitrary) |

Important: Some keys serve multiple skills. OpenAI key is used by openai-whisper-api, openai-image-gen, etc. ElevenLabs key is used by sag and talk. When storing, set ALL relevant config paths for that key.

Storing Keys (v4 — Single Paste, Zero Exposure) ⭐ PREFERRED

One popup. Paste everything. Regex parses. One save. One restart. Keys never touch chat or network.

bash {baseDir}/scripts/store_key_v4.sh "<SERVICE_NAME>" "<config_prefix>"

Examples:

# X API keys (consumer key + secret + bearer in one paste)
bash {baseDir}/scripts/store_key_v4.sh "X API" "skills.entries.x-twitter.env"

# Any service — user pastes in any format:
#   consumer key: abc123
#   secret: xyz789
#   bearer token: AAAA...

The script:

  1. Shows ONE macOS popup — user pastes all keys in any format
  2. Local Python regex parses key-value pairs (no AI, no network)
  3. Confirmation popup: "Found 3 keys: X, Y, Z — Store all?"
  4. ONE openclaw config set batch → ONE gateway restart
  5. Keys never appear in chat, logs, or shell history

Supported input formats:

  • key_name: value or key_name = value
  • KEY_NAME=value
  • Bare tokens on separate lines (auto-labeled in order)
  • Mixed formats in one paste
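
A parser for the input formats listed above, as an added example (not the code in store_key_v4.sh). The KEY_n labels for bare tokens, the upper-case name normalisation and the sample paste are assumptions; a bare token that contains ":" or "=" in the middle would still be read as a name/value pair.

```python
import re

# Constructed sample paste mixing every supported format; all values are fake.
SAMPLE = """consumer key: abc123
secret = xyz789
BEARER_TOKEN=AAAAconstructed==

sk-constructed-bare
YWJjZGVm==
"""

# "name: value", "name = value" or "NAME=value"; names may contain spaces.
PAIR = re.compile(r"^\s*([A-Za-z][A-Za-z0-9 _.-]*?)\s*[:=]\s*(\S.*?)\s*$")
# A line holding one whitespace-free token (it may end in base64 '=' padding).
BARE = re.compile(r"^\s*(\S+)\s*$")


def normalise(name):
    """'consumer key' -> 'CONSUMER_KEY' (env-style naming is an assumption)."""
    return re.sub(r"[^A-Za-z0-9]+", "_", name).strip("_").upper()


def parse_paste(text):
    """Return {NAME: value}; bare tokens are labelled KEY_1, KEY_2, ... in order."""
    found, bare_count = {}, 0
    for line in text.splitlines():
        pair = PAIR.match(line)
        # "YWJjZGVm==" looks like name=value with value "=": treat it as bare.
        if pair and pair.group(2).strip("="):
            name, value = normalise(pair.group(1)), pair.group(2)
        elif (bare := BARE.match(line)):
            bare_count += 1
            name, value = f"KEY_{bare_count}", bare.group(1)
        else:
            continue  # blank or unparseable line: skip rather than guess
        if name in found:
            raise ValueError(f"duplicate key name: {name}")
        found[name] = value
    return found


def confirmation(found):
    """Text for the confirmation popup: key names only, never the values."""
    return f"Found {len(found)} keys: {', '.join(found)}"
```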

Storing a Key (v3 — Zero Exposure)

Use the v3 script. The agent NEVER sees the key. The script handles popup + storage directly.

bash {baseDir}/scripts/store_key_v3.sh "<SERVICE_NAME>" "<config_path1>" ["<config_path2>" ...]

Examples:

# Brave Search
bash {baseDir}/scripts/store_key_v3.sh "Brave Search" "tools.web.search.apiKey"

# OpenAI (multiple paths)
bash {baseDir}/scripts/store_key_v3.sh "OpenAI" "skills.entries.openai-whisper-api.apiKey"

# ElevenLabs (sag + talk)
bash {baseDir}/scripts/store_key_v3.sh "ElevenLabs" "skills.entries.sag.apiKey" "talk.apiKey"

The script:

  1. Shows macOS popup (hidden input)
  2. Calls openclaw config set for each path
  3. Restarts gateway
  4. Returns ONLY "OK" or "ERROR" — key never appears in agent output or chat history

Legacy Method (v2 — agent sees key, NOT recommended)

Step 1: Launch the secure input popup. On macOS:

bash {baseDir}/scripts/secure_input_mac.sh KEY_NAME

Step 2: Once you have the key value (from stdout of the script), store it via gateway config.patch.

Example for OpenAI:

gateway config.patch with raw: {"skills":{"entries":{"openai-whisper-api":{"apiKey":"THE_KEY"},"openai-image-gen":{"apiKey":"THE_KEY"}}}}

Example for ElevenLabs:

gateway config.patch with raw: {"skills":{"entries":{"sag":{"apiKey":"THE_KEY"}}},"talk":{"apiKey":"THE_KEY"}}

Example for Brave Search:

gateway config.patch with raw: {"tools":{"web":{"search":{"apiKey":"THE_KEY"}}}}

Critical rules:

  • NEVER echo, print, or include any key value in chat messages or tool call arguments
  • NEVER include key values in the reason field of config.patch
  • If a user pastes a key directly in chat, store it immediately and tell them to delete the message
  • The secure_input_mac.sh script outputs the key to stdout — capture it in a variable, use it in config.patch, never log it

Listing Keys

Read from the live config using gateway config.get. Show masked values only (first 4 chars + ****). Parse the config JSON and find all apiKey fields, display their config path and masked value.
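
The listing rule above, as an added example (not ipeaky's own code): walk the config JSON, collect every apiKey field with its dotted config path, and return only masked values. The sample config is constructed, and fully masking values of 8 characters or fewer is an assumption added here so short values do not leak most of their content.

```python
import json

# Constructed stand-in for the JSON that gateway config.get returns; values are fake.
SAMPLE_CONFIG = json.loads("""
{
  "skills": {"entries": {
    "openai-whisper-api": {"apiKey": "sk-constructed-0001"},
    "sag": {"apiKey": "el_constructed_0002"},
    "x-twitter": {"env": {"BEARER_TOKEN": "AAAAconstructed"}},
    "notion": {"apiKey": ""}
  }},
  "tools": {"web": {"search": {"apiKey": "BSAconstructed0003"}}},
  "talk": {"apiKey": "abc"}
}
""")


def mask(value):
    """First 4 chars + ****; short values are fully masked (assumption)."""
    return value[:4] + "****" if len(value) > 8 else "****"


def find_api_keys(node, path=()):
    """Yield (dotted_path, value) for every non-empty string field named apiKey."""
    if isinstance(node, dict):
        for name, child in node.items():
            here = path + (name,)
            if name == "apiKey" and isinstance(child, str):
                if child:  # an empty string is a deleted key
                    yield ".".join(here), child
            else:
                # Values under .env.<VAR_NAME> are not named apiKey, so the
                # "find all apiKey fields" rule does not list them.
                yield from find_api_keys(child, here)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            yield from find_api_keys(child, path + (str(i),))


def list_masked(config):
    """Sorted 'path = masked' lines; raw values never leave this function."""
    return sorted(f"{p} = {mask(v)}" for p, v in find_api_keys(config))
```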

Testing a Key

Test endpoints:

  • OpenAI: curl -s -H "Authorization: Bearer $KEY" https://api.openai.com/v1/models | head
  • ElevenLabs: curl -s -H "xi-api-key: $KEY" https://api.elevenlabs.io/v1/user
  • Anthropic: curl -s -H "x-api-key: $KEY" -H "anthropic-version: 2023-06-01" https://api.anthropic.com/v1/messages -d '{"model":"claude-3-haiku-20240307","max_tokens":1,"messages":[{"role":"user","content":"hi"}]}'
  • Brave Search: curl -s -H "X-Subscription-Token: $KEY" "https://api.search.brave.com/res/v1/web/search?q=test&count=1"

Source the key from the config (via gateway config.get), test it, report result. Never show the key.

Deleting a Key

Use gateway config.patch to set the key value to an empty string or remove the entry.

💎 Paid Tier (Coming Soon)

ipeaky core is free forever. A paid tier is in development with premium features:

  • Team key sharing — Role-based access across team members
  • Key rotation reminders — Automated expiry alerts
  • Usage analytics — Track key usage across skills
  • Breach monitoring — Leak database notifications
  • Cross-platform — Linux & Windows secure input
  • Backup & sync — Encrypted cloud backup

See paid_tier/README-paid.md for details. Billing is powered by Stripe.

# Set up Stripe integration (uses ipeaky to store its own key!)
bash {baseDir}/paid_tier/stripe-setup.sh

# Create a checkout session
bash {baseDir}/paid_tier/stripe-checkout.sh --price price_XXXXX --mode subscription

Security Guarantees

  • Keys go: secure popup → stdout pipe → config.patch → openclaw.json (never chat)
  • Keys are automatically available to all skills via OpenClaw's native env injection
  • No separate credential files to manage
  • No manual source commands needed
  • config.patch triggers a gateway reload so keys take effect immediately
Security usage recommendations
Summary of what to consider before installing or using ipeaky:

  • Prefer the v3 flow (store_key_v3.sh) if you need strong protection: it uses a secure macOS popup, writes keys via a temp file that Python reads (avoiding argv exposure), overwrites the temp file, and only returns OK/ERROR. The v3 path is consistent with the 'zero exposure' claim.
  • Avoid the v4 flow for highly sensitive keys until the process-list issue is fixed: store_key_v4.sh parses a bulk paste correctly, but then calls openclaw config set with the key value as a CLI argument, which can be visible in ps output while the command runs. That contradicts the SKILL.md claim that v4 is 'zero exposure.'
  • Understand the trust model: ipeaky stores keys in OpenClaw's global config (openclaw.json). Any installed skill that reads the same config path or declares the corresponding primaryEnv will receive the key. If you need per-skill isolation or stricter separation, do not store keys into global paths — consider per-skill policies or a different storage model.
  • Review who can run these scripts on the host: scripts write to ~/.openclaw and restart the gateway. Only run on machines you control and that are single-user or otherwise trusted. On multi-user systems, treat the global config location and gateway restart as sensitive operations.
  • Paid-tier scripts (Stripe) will read a stored STRIPE_SECRET_KEY and call Stripe's API. That is expected behavior for the paid features, but be cautious storing payment secrets if you do not want them accessible to other skills.
  • If you plan to allow autonomous agent invocation, be aware that an agent could attempt to store keys programmatically if triggered. Autonomous invocation is the platform default; combine that with global config writes and the risk increases. Consider restricting invocation or requiring explicit user confirmation for any store operation.
  • If you want to proceed: audit and/or modify store_key_v4.sh to avoid passing secrets as CLI args (use the same safe pattern as v3: temp file read by a subprocess or Python), and limit which config paths are writable. Also verify filesystem permissions on openclaw.json and your ~/.ipeaky directories.

Confidence notes: The code shows deliberate secure practices in many places (temp files with chmod 600, masked outputs, secure cleanup). The main concrete incoherence is the v4 argv exposure; that is why I rated this skill as suspicious with medium confidence rather than benign.
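
A check for the argv exposure described in the recommendations, as an added example (not code from ipeaky or OpenClaw). It starts a stand-in child process, hands it a constructed secret once as a command-line argument and once over a stdin pipe (used here in place of the temp file the advice mentions), and reads back what the process listing shows; the child command, the path name and the secret are assumptions.

```python
import os
import subprocess
import sys
import time

SECRET = "sk-constructed-not-a-real-key"  # constructed sample value

# Stand-ins for a config writer; they sleep so the process can be inspected.
CHILD_ARGV = "import time; time.sleep(5)"
CHILD_STDIN = "import sys, time; key = sys.stdin.readline(); time.sleep(5)"


def visible_cmdline(pid):
    """The command line other local processes can read for this pid (as ps does)."""
    proc_file = f"/proc/{pid}/cmdline"
    if os.path.exists(proc_file):  # Linux
        with open(proc_file, "rb") as fh:
            return fh.read().replace(b"\0", b" ").decode(errors="replace")
    out = subprocess.run(["ps", "-o", "args=", "-p", str(pid)],
                         capture_output=True, text=True)  # macOS / BSD
    return out.stdout


def secret_visible(pass_via):
    """Start the stand-in writer and report whether SECRET shows in its argv."""
    if pass_via == "argv":  # the pattern the scan flags in store_key_v4.sh
        child = subprocess.Popen(
            [sys.executable, "-c", CHILD_ARGV, "some.path", SECRET])
    else:  # the secret travels over a pipe and never enters argv
        child = subprocess.Popen(
            [sys.executable, "-c", CHILD_STDIN, "some.path"],
            stdin=subprocess.PIPE)
        child.stdin.write((SECRET + "\n").encode())
        child.stdin.flush()
    try:
        time.sleep(0.3)  # give the child time to start
        return SECRET in visible_cmdline(child.pid)
    finally:
        child.kill()
        if child.stdin:
            child.stdin.close()
        child.wait()
```

The same check can be pointed at a modified store script to confirm that no child it spawns carries the key in its arguments.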
Functional analysis
Type: OpenClaw Skill
Name: ipeaky
Version: 3.2.0
The 'ipeaky' skill bundle is meticulously designed with a strong focus on security, aiming to prevent API key exposure. It employs robust practices such as input sanitization for `osascript` arguments, using hidden input dialogs, writing sensitive data to `chmod 600` temporary files, immediately clearing sensitive variables from shell memory, securely overwriting temporary files before deletion, and passing API keys to `curl` via temporary header files (not command-line arguments). The `SKILL.md` and `README.md` explicitly instruct the AI agent and users on secure key handling, and the `tests/run_tests.sh` script actively validates these security measures. There is no evidence of data exfiltration, malicious execution, persistence, prompt injection against the agent, or obfuscation. The Stripe integration is for legitimate billing purposes and also follows secure key handling principles.
Capability assessment
Purpose & Capability
The name/description match the scripts and instructions: this is a local API-key manager for OpenClaw that uses macOS dialogs and OpenClaw's config to store keys. Required binary (osascript) and macOS focus are coherent. Paid-tier Stripe tooling is an optional extension and relates to the stated paid features.
Instruction Scope
Most runtime instructions stay within the stated purpose (secure input, write to openclaw.json, test keys). However SKILL.md and scripts promise 'zero exposure' for the v4 flow while store_key_v4.sh writes keys using `openclaw config set "<path>" "<KEY_VAL>"` — passing the secret as a CLI argument exposes it to process-list inspection during that command. That contradicts the 'never appears in process list' claim. Also the skill deliberately writes keys into the global OpenClaw config (openclaw.json), which increases the blast radius because any skill that declares the matching primaryEnv will receive them automatically.
Install Mechanism
This is an instruction + script bundle with no external download/install step. No network-based installers or remote archives are used. Files are included in the skill package, so install mechanism risk is low.
Credentials
The skill requests no external credentials by default. It intentionally writes secrets into OpenClaw's global config, which is functional for the purpose but is a privilege escalation relative to per-skill isolation: one key can be injected into multiple skill entries or arbitrary env paths (the SKILL.md shows `skills.entries.<skill>.env.<VAR>`). The paid-tier scripts use a stored STRIPE_SECRET_KEY (expected) — still proportional but increases what stored secrets may be used for.
Persistence & Privilege
The skill stores secrets persistently in openclaw.json (~/.openclaw/openclaw.json) and restarts the gateway so keys take effect immediately. This is coherent with the stated design, but persistent global storage means keys are accessible to any skill that matches the config path / primaryEnv. Also the skill includes logic and triggers that cause it to run on key-related phrases, so combined with global storage this raises the blast radius if an untrusted skill or agent action leads to unexpected writes. always:false mitigates forced inclusion, but persistent global writes remain a meaningful privilege.
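How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the chat box: /install ipeaky
  3. Once installation completes, invoke the Skill by name or trigger it with /ipeaky.
  4. Provide the required inputs as described by the Skill's parameters to get structured output.
Version history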
v3.2.0
Add paid tier Stripe integration scaffold; stripe-setup.sh, stripe-checkout.sh, paid tier docs
v3.1.0
  • Added python3 as a required dependency for zero-exposure config writes.
  • Updated the storage method to write API keys directly to openclaw.json using Python (avoids process argument exposure).
  • Clarified security: service key is never seen by the agent or leaked via process listing.
  • Minor note and metadata updates to reflect new requirement and script behavior.
v3.0.0
v3.0.0: wreckit security audit — curl headers now via temp files (no ps-aux exposure), AppleScript injection prevention, sanitization hardening, CI/CD pipeline, 32-test suite
v2.2.0
Fix all ClawHub security scan flags: remove legacy env file references from tests and site, add macOS platform/osascript requirement to manifest metadata, update site flow diagram (stdin→config.patch→openclaw.json), clarify native config storage in site copy. 18/18 tests pass.
v2.1.0
Fix README/SKILL.md contradictions flagged by ClawHub security scan. README rewritten for v2 config.patch flow. Removed references to deleted v1 scripts. Added test suite. Clarified storage model tradeoffs and network usage.
v2.0.0
v2: Native OpenClaw integration. Keys stored directly in openclaw.json via config.patch. No separate credential files. Auto-available to all skills.
v1.1.0
Security hardening: input validation, injection prevention, native macOS dialog, cross-platform support
v1.0.0
Initial release — secure API key management for AI agents
Metadata
Slug ipeaky
Version 3.2.0
License
Total installs 1
Current installs 1
Version count 8
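FAQ

What is ipeaky?

Secure API key management for OpenClaw. Store, list, test, and delete API keys without exposing them in chat history. Keys are stored directly in openclaw.js... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 823 total downloads so far.

How do I install ipeaky?

Run the command "/install ipeaky" in the OpenClaw or Claude Code chat box for one-step installation; no additional configuration is required.

Is ipeaky free?

Yes, ipeaky is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does ipeaky support?

ipeaky runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed ipeaky?

Developed and maintained by christiancattaneo (@christiancattaneo); the current version is v3.2.0.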
