← 返回 Skills 市场
little-snitch
作者
Gustavo Madeira Santana
· GitHub ↗
· v1.0.1
2069
总下载
2
收藏
3
当前安装
2
版本数
在 OpenClaw 中安装
/install little-snitch
功能描述
Control Little Snitch firewall on macOS. View logs, manage profiles and rule groups, monitor network traffic. Use when the user wants to check firewall activity, enable/disable profiles or blocklists, or troubleshoot network connections.
使用说明 (SKILL.md)
Little Snitch CLI
Control Little Snitch network monitor/firewall on macOS.
Setup
Enable CLI access in Little Snitch → Preferences → Security → Allow access via Terminal
Once enabled, the littlesnitch command is available in Terminal.
⚠️ Security Warning: The littlesnitch command is very powerful and can potentially be misused by malware. When access is enabled, you must take precautions that untrusted processes cannot gain root privileges.
Reference: https://help.obdev.at/littlesnitch5/adv-commandline
Commands
| Command | Root? | Description |
|---|---|---|
--version |
No | Show version |
restrictions |
No | Show license status |
log |
No | Read log messages |
profile |
Yes | Activate/deactivate profiles |
rulegroup |
Yes | Enable/disable rule groups & blocklists |
log-traffic |
Yes | Print traffic log data |
list-preferences |
Yes | List all preferences |
read-preference |
Yes | Read a preference value |
write-preference |
Yes | Write a preference value |
export-model |
Yes | Export data model (backup) |
restore-model |
Yes | Restore from backup |
capture-traffic |
Yes | Capture process traffic |
Examples
View Recent Logs (no root)
littlesnitch log --last 10m --json
Stream Live Logs (no root)
littlesnitch log --stream
Check License Status (no root)
littlesnitch restrictions
Activate Profile (requires root)
sudo littlesnitch profile --activate "Silent Mode"
Deactivate All Profiles (requires root)
sudo littlesnitch profile --deactivate-all
Enable/Disable Rule Group (requires root)
sudo littlesnitch rulegroup --enable "My Rules"
sudo littlesnitch rulegroup --disable "Blocklist"
View Traffic History (requires root)
sudo littlesnitch log-traffic --begin-date "2026-01-25 00:00:00"
Stream Live Traffic (requires root)
sudo littlesnitch log-traffic --stream
Backup Configuration (requires root)
sudo littlesnitch export-model > backup.json
Log Options
| Option | Description |
|---|---|
--last \x3Ctime>[m|h|d] |
Show entries from last N minutes/hours/days |
--stream |
Live stream messages |
--json |
Output as JSON |
--predicate \x3Cstring> |
Filter with predicate |
Notes
- macOS only
- Many commands require
sudo(root access) - Profiles: predefined rule sets (e.g., "Silent Mode", "Alert Mode")
- Rule groups: custom rule collections and blocklists
安全使用建议
This skill appears to be a legitimate Little Snitch CLI helper, but there are a few things to consider before installing:
- The SKILL.md expects the 'littlesnitch' CLI and macOS, but the skill metadata doesn't declare that binary or an OS restriction — verify the environment will actually have Little Snitch installed before relying on this skill.
- Many useful commands require sudo/root (exporting/restoring config, capturing traffic, enabling/disabling rule groups). Only use the skill when you trust both the skill and the agent's ability to run commands on your machine. Be cautious enabling Terminal access in Little Snitch; follow the product's guidance to avoid giving untrusted processes root access.
- The skill source/homepage is unknown. If you need to run powerful operations (backups, restores, traffic capture), prefer skills with a known, trusted source or inspect the exact commands the agent will run each time.
- Because this is instruction-only, there's no install risk from downloaded code, but the agent still could execute high-impact local commands. Require explicit user confirmation for any sudo-level actions and avoid allowing automatic, unattended execution of this skill on sensitive systems.
If you want stronger assurance, ask the skill author for a homepage or source repository, or request that the registry metadata be corrected to list the 'littlesnitch' binary and macOS restriction.
功能分析
Type: OpenClaw Skill
Name: little-snitch
Version: 1.0.1
This skill is classified as suspicious due to its provision of extensive root-level access to the powerful `littlesnitch` firewall utility on macOS. While the `SKILL.md` documentation itself does not contain explicit malicious instructions or prompt injection, it exposes commands like `sudo littlesnitch profile`, `sudo littlesnitch rulegroup`, `sudo littlesnitch write-preference`, and `sudo littlesnitch export-model`. These commands, especially with root privileges, allow the AI agent to disable firewall rules, modify system network preferences, and export sensitive firewall configurations, which could be misused for persistence, data exfiltration, or disabling security. The `SKILL.md` even includes a 'Security Warning' from the original documentation, highlighting the potential for misuse by malware.
能力评估
Purpose & Capability
The SKILL.md is clearly scoped to controlling the Little Snitch CLI (commands, examples, and many root-required operations). However, the skill metadata does not declare the required 'littlesnitch' binary or an OS restriction (SKILL.md states macOS-only). That mismatch between declared requirements and the actual instructions is an incoherence a user should notice.
Instruction Scope
Instructions stay within the stated purpose: they show how to run littlesnitch commands, read logs, activate profiles, export/restore configuration, and capture/stream traffic. The skill does not instruct reading unrelated files or exfiltrating data to external endpoints. Many examples explicitly require sudo/root, which is expected for a firewall tool but increases potential impact if misused.
Install Mechanism
This is an instruction-only skill with no install spec or downloadable code, which reduces supply-chain risk. It does, however, implicitly require the littlesnitch CLI to already be present on the system — the metadata should have listed that binary dependency but did not.
Credentials
No environment variables, credentials, or config paths are requested. That's appropriate for a local CLI helper. The only elevated privilege implied is use of sudo/root for certain commands, which matches the tool's functionality but is high-impact.
Persistence & Privilege
always:false (not force-included) and no requested persistent credentials. However, the skill's capability to run commands that require root (export/restore model, capture traffic, enable/disable rules) means that if an agent were allowed to execute shell commands autonomously on a macOS machine, the blast radius is significant. Autonomous invocation alone is not flagged, but combined with root-level operations it elevates the risk and requires careful operational controls.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install little-snitch - 安装完成后,直接呼叫该 Skill 的名称或使用
/little-snitch触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix setup instructions, add security warning
v1.0.0
Initial release - Little Snitch CLI for macOS
元数据
常见问题
little-snitch 是什么?
Control Little Snitch firewall on macOS. View logs, manage profiles and rule groups, monitor network traffic. Use when the user wants to check firewall activity, enable/disable profiles or blocklists, or troubleshoot network connections. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2069 次。
如何安装 little-snitch?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install little-snitch」即可一键安装,无需额外配置。
little-snitch 是免费的吗?
是的,little-snitch 完全免费(开源免费),可自由下载、安装和使用。
little-snitch 支持哪些平台?
little-snitch 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 little-snitch?
由 Gustavo Madeira Santana(@gumadeiras)开发并维护,当前版本 v1.0.1。
推荐 Skills