← 返回 Skills 市场
3104
总下载
2
收藏
20
当前安装
2
版本数
在 OpenClaw 中安装
/install lobster
功能描述
Lobster workflow runtime for deterministic pipelines with approval gates. Use when: (1) Running multi-step automations that need human approval before side effects, (2) Monitoring PRs/issues for changes, (3) Processing data through typed JSON pipelines, (4) Email triage or batch operations, (5) Any workflow that should halt and ask before acting. Lobster saves tokens by running deterministic pipelines instead of re-planning each step.
使用说明 (SKILL.md)
Lobster
Contribute: Source code & PRs welcome at github.com/guwidoe/lobster-skill
Workflow runtime for AI agents — typed pipelines with approval gates.
CLI Location
# Set alias (adjust path to your install location)
LOBSTER="node /home/molt/clawd/tools/lobster/bin/lobster.js"
# Or install globally: npm install -g @clawdbot/lobster
# Then use: lobster '\x3Cpipeline>'
Quick Reference
# Run pipeline (human mode - pretty output)
$LOBSTER '\x3Cpipeline>'
# Run pipeline (tool mode - JSON envelope for integration)
$LOBSTER run --mode tool '\x3Cpipeline>'
# Run workflow file
$LOBSTER run path/to/workflow.lobster
# Resume after approval
$LOBSTER resume --token "\x3Ctoken>" --approve yes|no
# List commands/workflows
$LOBSTER commands.list
$LOBSTER workflows.list
Core Commands
| Command | Purpose |
|---|---|
exec --json --shell "cmd" |
Run shell, parse stdout as JSON |
where 'field=value' |
Filter objects |
pick field1,field2 |
Project fields |
head --n 5 |
Take first N items |
sort --key field --desc |
Sort items |
groupBy --key field |
Group by key |
dedupe --key field |
Remove duplicates |
map --wrap key |
Transform items |
template --text "{{field}}" |
Render templates |
approve --prompt "ok?" |
Halt for approval |
diff.last --key "mykey" |
Compare to last run (stateful) |
state.get key / state.set key |
Read/write persistent state |
json / table |
Render output |
Built-in Workflows
# Monitor PR for changes (stateful - remembers last state)
$LOBSTER "workflows.run --name github.pr.monitor --args-json '{\"repo\":\"owner/repo\",\"pr\":123}'"
# Monitor PR and emit message only on change
$LOBSTER "workflows.run --name github.pr.monitor.notify --args-json '{\"repo\":\"owner/repo\",\"pr\":123}'"
Approval Flow (Tool Mode)
When a pipeline hits approve, it returns:
{
"status": "needs_approval",
"requiresApproval": {
"prompt": "Send 3 emails?",
"items": [...],
"resumeToken": "eyJ..."
}
}
To continue:
$LOBSTER resume --token "eyJ..." --approve yes
Example Pipelines
# List recent PRs, filter merged, show as table
$LOBSTER 'exec --json --shell "gh pr list --repo owner/repo --json number,title,state --limit 20" | where "state=MERGED" | table'
# Get data, require approval, then process
$LOBSTER run --mode tool 'exec --json --shell "echo [{\"id\":1},{\"id\":2}]" | approve --prompt "Process these?" | pick id | json'
# Diff against last run (only emit on change)
$LOBSTER 'exec --json --shell "gh pr view 123 --repo o/r --json state,title" | diff.last --key "pr:o/r#123" | json'
Workflow Files (.lobster)
YAML/JSON files with steps, conditions, and approval gates:
name: pr-review-reminder
steps:
- id: fetch
command: gh pr list --repo ${repo} --json number,title,reviewDecision
- id: filter
command: jq '[.[] | select(.reviewDecision == "")]'
stdin: $fetch.stdout
- id: notify
command: echo "PRs needing review:" && cat
stdin: $filter.stdout
approval: required
Run: $LOBSTER run workflow.lobster --args-json '{"repo":"owner/repo"}'
Clawdbot Integration
Lobster can call Clawdbot tools via clawd.invoke:
$LOBSTER 'clawd.invoke --tool message --action send --args-json "{\"target\":\"123\",\"message\":\"hello\"}"'
Requires CLAWD_URL and CLAWD_TOKEN environment variables.
State Directory
Lobster stores state in ~/.lobster/state/ by default. Override with LOBSTER_STATE_DIR.
安全使用建议
This skill looks like a legitimate workflow runner, but its metadata does not match its documentation. Before installing or invoking: 1) Verify the source repository (github.com/guwidoe/lobster-skill) and inspect the actual published package; 2) Do not supply CLAWD_TOKEN/CLAWD_URL or other secrets unless you trust the code — the SKILL.md uses these but the skill metadata doesn't declare them; 3) Expect the skill to execute arbitrary shell commands (gh, jq, node) and to read/write ~/.lobster/state — run it in a sandbox or on a dedicated account if possible; 4) Prefer only installing from an official package release (check signatures/maintainer) rather than running unknown scripts; 5) Ask the publisher to update the metadata to declare required binaries and env vars (gh, jq, node, CLAWD_*), and to provide the package source and a reproducible install method. If you cannot validate the source, treat this skill as risky.
功能分析
Type: OpenClaw Skill
Name: lobster
Version: 1.0.1
The skill is classified as suspicious due to its core functionality allowing arbitrary shell command execution via `exec --json --shell "cmd"` and interaction with other Clawdbot tools via `clawd.invoke`. While these capabilities are presented as necessary for its stated purpose as a 'workflow runtime', they expose a significant attack surface for prompt injection against the AI agent, potentially leading to unauthorized command execution or abuse of other tools. The skill also explicitly requires access to `CLAWD_URL` and `CLAWD_TOKEN` environment variables for `clawd.invoke`, making sensitive credentials accessible. All these high-risk capabilities are detailed in `SKILL.md`.
能力评估
Purpose & Capability
The stated purpose (deterministic workflow runtime with approval gates) matches the examples and commands in SKILL.md. However, the metadata declares no required binaries or env vars while the instructions clearly expect a Node-based CLI, the GitHub CLI (gh), jq, and optionally clawd.invoke integration. The omission of these requirements is disproportionate to the documented functionality and is an incoherence.
Instruction Scope
Runtime instructions tell the agent to execute arbitrary shell commands (exec --json --shell "...") and to read/write persistent state (~/.lobster/state). They also include examples that run gh and jq, read workflow files, and call clawd.invoke which sends data to an external CLAWD_URL/CLAWD_TOKEN. This grants the skill the ability to run arbitrary commands and transmit data outside the agent — appropriate for a workflow runner but high-risk if the skill's provenance is unknown. The SKILL.md also contains hardcoded path examples (e.g., /home/molt/...) which suggest expectations about local installs.
Install Mechanism
There is no install spec (instruction-only), which minimizes automatic disk writes. The README suggests installing a Node package (npm install -g @clawdbot/lobster) or using a local node script; those are reasonable but not enforced. Because the skill is instruction-only, the scanner had no code to review; this is lower install risk but increases reliance on the user to follow installation guidance safely.
Credentials
Metadata lists no required environment variables, yet SKILL.md explicitly references CLAWD_URL and CLAWD_TOKEN for Clawdbot integration and allows overriding LOBSTER_STATE_DIR. Requesting a service token (CLAWD_TOKEN) is reasonable for Clawdbot calls, but the skill fails to declare it. The absence of declared secrets alongside instructions that use them is an inconsistency that can lead to accidental credential exposure if users assume none are needed.
Persistence & Privilege
The runtime uses persistent state (~/.lobster/state) and implements resume/approval tokens. The skill does not request always:true and does not modify other skills. Persistent state is coherent with the workflow purpose, but users should be aware the agent (when executing the CLI) will read/write files in the user home directory.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install lobster - 安装完成后,直接呼叫该 Skill 的名称或使用
/lobster触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Added link to GitHub repo for contributions
v1.0.0
Initial release: Lobster workflow runtime for deterministic pipelines with approval gates
元数据
常见问题
Lobster 是什么?
Lobster workflow runtime for deterministic pipelines with approval gates. Use when: (1) Running multi-step automations that need human approval before side effects, (2) Monitoring PRs/issues for changes, (3) Processing data through typed JSON pipelines, (4) Email triage or batch operations, (5) Any workflow that should halt and ask before acting. Lobster saves tokens by running deterministic pipelines instead of re-planning each step. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3104 次。
如何安装 Lobster?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install lobster」即可一键安装,无需额外配置。
Lobster 是免费的吗?
是的,Lobster 完全免费(开源免费),可自由下载、安装和使用。
Lobster 支持哪些平台?
Lobster 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Lobster?
由 guwidoe(@guwidoe)开发并维护,当前版本 v1.0.1。
推荐 Skills