← 返回 Skills 市场
dougchambes

Config Manager

作者 dougchambers · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
119
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install legend-config-manager
功能描述
Safe configuration file editing for JSON, YAML, TOML, and other config formats. Use when working with configuration files for: (1) Reading config values, (2)...
使用说明 (SKILL.md)

Config Manager

Handles configuration files through safe, validated operations that preserve syntax and formatting.

Core Workflows

Format Detection

Identify config format by extension:

  • .json → JSON
  • .yaml, .yml → YAML
  • .toml → TOML
  • .env → Environment variables
  • .ini → INI format
  • .xml → XML
  • .cfg, .conf → Generic config

Safe Editing Rules

Golden Rule: Never manually edit structured configs unless trivial. Use tools:

  • JSON: jq for CLI, JSON.parse/stringify for code
  • YAML: yq for CLI, yaml libraries for code
  • TOML: toml libraries (no standard CLI tool)

Common Operations

Read Values

# JSON
jq '.key' config.json
jq '.nested.key' config.json

# YAML
yq '.key' config.yaml
yq '.nested.key' config.yaml

# TOML (requires python/toml)
python -c "import toml; print(toml.load('config.toml')['key'])"

Update Values

# JSON
jq '.key = "new value"' config.json > tmp && mv tmp config.json

# YAML
yq -i '.key = "new value"' config.yaml

# Always backup first
cp config.json config.json.bak

Add New Keys

# JSON
jq '.newKey = "value"' config.json > tmp && mv tmp config.json

# YAML
yq -i '.newKey = "value"' config.yaml

Remove Keys

# JSON
jq 'del(.unwantedKey)' config.json > tmp && mv tmp config.json

# YAML
yq -i 'del(.unwantedKey)' config.yaml

Validation Before Save

Always validate after edits:

# JSON
jq empty config.json && echo "Valid JSON"

# YAML
yamllint config.yaml || python -c "import yaml; yaml.safe_load(open('config.yaml'))"

# TOML
python -c "import toml; toml.load('config.toml')"

Formatting Preservation

  • Use yq -i for in-place YAML edits (preserves comments)
  • Use jq with --indent to control JSON spacing
  • Never mix tabs/spaces in YAML
  • Preserve trailing newlines

Creating New Configs

Use templates or generate programmatically:

# JSON
echo '{"key": "value"}' | jq '.' > new-config.json

# YAML
cat > new-config.yaml \x3C\x3C EOF
key: value
nested:
  key2: value2
EOF

Safety Rules

  1. Validate syntax before saving any changes
  2. Backup first - Copy original before destructive edits
  3. Use tools, not manual edits - jq/yq for JSON/YAML
  4. Test after changes - Load config in application context
  5. Respect workspace boundaries - Only touch ~/openclaw configs
  6. Never commit secrets - Use .env for sensitive values, gitignore them

When to Read references/formats.md

Load when:

  • Need detailed format specifications (JSON schema, YAML anchors)
  • Complex merge/conflict resolution needed
  • Format conversion required (JSON↔YAML↔TOML)
  • Validation schemas or type checking needed
安全使用建议
This skill appears to be what it claims (a how-to guide for safely editing config files) but be cautious: it's instruction-only, so the agent following it will run shell commands that can modify files and install software. Before using, verify or enforce these points: 1) limit actions to a safe directory (e.g., ~/openclaw) — prefer absolute paths or sandboxing; 2) do not run commands with sudo or allow global package installs unless you explicitly want system-wide changes; 3) review any wget/pip commands before running (they download and execute code); 4) avoid passing secrets or system config files to the skill; and 5) if you want automated edits, prefer running the commands yourself or in a constrained container with limited privileges. If you need higher assurance, ask the author to remove/instrument install instructions, lock all file operations to a specific workspace path, and provide an explicit safety checklist for elevation and network operations.
功能分析
Type: OpenClaw Skill Name: legend-config-manager Version: 1.0.0 The skill provides legitimate configuration management utilities but includes high-risk instructions in references/formats.md that direct the agent to download an external binary via wget (https://github.com/mikefarah/yq) and install it using sudo and chmod. While these actions are aligned with the stated purpose of the skill, the inclusion of instructions for remote binary execution and elevated privilege usage represents a significant security risk and attack surface, fitting the criteria for a suspicious classification.
能力评估
Purpose & Capability
Name and description align with the provided instructions and reference material: operations for reading, updating, validating, converting, and merging common config formats are all covered and expected.
Instruction Scope
The SKILL.md includes many shell commands that operate on files (jq, yq, sed, cp, mv, python snippets) but examples reference generic filenames (config.json, config.yaml) rather than enforcing a confined path. Although a safety rule says 'Only touch ~/openclaw configs', the examples and commands do not programmatically constrain operations to that directory. The instructions also recommend running package installs and downloading binaries (sudo apt, brew, pip, wget) which could change system state or require elevated privileges.
Install Mechanism
There is no formal install spec (instruction-only), which reduces supply-chain risk. However the included references explicitly instruct installing tools (apt/brew/pip, wget + GitHub release for yq). Those are normal for a CLI-focused guide but mean the agent (or user following agent guidance) may download and install software from the network and use sudo.
Credentials
The skill requests no environment variables, no credentials, and no protected config paths. That is proportionate to its described functionality.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide privileges from its metadata. The instructions may result in package installs or file edits if executed, but the skill itself does not declare persistent or elevated platform privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install legend-config-manager
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /legend-config-manager 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of legend-config-manager. - Provides safe, validated editing for JSON, YAML, TOML, and other config files. - Supports reading, updating, adding, and removing keys, plus format conversions. - Emphasizes backup, syntax validation, and use of appropriate CLI/code tools (jq, yq, etc). - Includes rules for safely creating and editing new configs. - Advises on when to reference deeper format guides and schema validation.
元数据
Slug legend-config-manager
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Config Manager 是什么?

Safe configuration file editing for JSON, YAML, TOML, and other config formats. Use when working with configuration files for: (1) Reading config values, (2)... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 119 次。

如何安装 Config Manager?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install legend-config-manager」即可一键安装,无需额外配置。

Config Manager 是免费的吗?

是的,Config Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Config Manager 支持哪些平台?

Config Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Config Manager?

由 dougchambers(@dougchambes)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论