← 返回 Skills 市场
473
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install miniade-dispatch
功能描述
Launch non-blocking Claude Code headless tasks from slash command dispatch. Use when user requests async coding jobs and does not require slash-only Claude p...
安全使用建议
This skill appears to do what it says, but review these before installing:
- Ensure required binaries exist on the host: python3, jq, tmux (for interactive mode), script(1) (optional), and the Claude CLI binary referenced by CLAUDE_CODE_BIN. The skill metadata does not list these, so you must provision them.
- Inspect or create the optional env file (${OPENCLAW_DISPATCH_ENV:-...}/dispatch.env.local). The loader only exports allowlisted keys (no 'source'), so secrets in that file will be limited to the allowed set; however any sensitive env vars already set in the agent process may still be inherited. Remove or rotate sensitive tokens if you don't want them available.
- By default network callbacks are not enabled (ENABLE_CALLBACK=0). If you enable callbacks, verify the workspace dispatch-callback.json and any OPENCLAW_* session/gateway settings to ensure results are sent only to intended destinations.
- Be aware the dispatcher runs Claude Code inside the project workdir; if a dispatched job executes tests or runs repository code, that code will run on your host — avoid dispatching untrusted prompts against sensitive repositories.
- If you want to test safely, use DISPATCH_DRY_RUN=1 to inspect the constructed command and result directory without launching the background job.
功能分析
Type: OpenClaw Skill
Name: miniade-dispatch
Version: 0.1.1
The skill is classified as suspicious primarily due to a prompt injection instruction in `SKILL.md` stating, 'Do not run extra validation unless requested.' This instruction attempts to subvert the AI agent's internal safety mechanisms, which is a significant vulnerability. While the underlying shell scripts (`scripts/run_dispatch.sh`, `scripts/vendor/dispatch.sh`) and Python wrapper (`scripts/vendor/claude_code_run.py`) demonstrate good security practices (e.g., explicit environment variable allowlisting, safe argument quoting with `shlex.quote` to prevent shell injection, and no remote code downloading), the prompt injection in the documentation itself poses a risk by potentially influencing the agent to bypass its own security checks.
能力评估
Purpose & Capability
The skill's name/description match what the code does (dispatch headless/interactive Claude Code jobs). However the package metadata declares no required binaries while the scripts assume several runtime tools (python3, jq, tmux, script(1), and the Claude CLI binary). Not listing these dependencies is a functional mismatch the operator should be aware of.
Instruction Scope
SKILL.md simply delegates to scripts/run_dispatch.sh. The scripts' actions (validate args, create result dirs, write metadata, spawn a background process running the bundled dispatch.sh and claude wrapper) are consistent with the stated behaviour. The scripts read a local env file and may scan the workspace for a dispatch-callback.json to auto-detect callback settings; they do not themselves download remote code.
Install Mechanism
No install spec is provided (instruction-only with bundled scripts). There are no remote downloads or package installs in the bundle, and all code is included in the skill. This is the lower-risk install model.
Credentials
The runtime safely parses only allowlisted KEY=VALUE lines from an optional dispatch.env.local (no 'source'), matching the security disclosure. The allowed keys list is reasonable for the skill. That said, the skill does not declare a primary credential and the process will inherit any environment variables already present in the agent runtime (e.g., OPENCLAW_SESSION_KEY / OPENCLAW_GATEWAY_TOKEN if set externally). Operators should confirm what environment will be present, since sensitive gateway/session tokens in the parent env could be used by the scripts or downstream tools.
Persistence & Privilege
The skill is not always-enabled and does not modify other skills or system-wide config. It launches background processes and writes logs/results under configurable paths, which is expected for a dispatch/worker launcher.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install miniade-dispatch - 安装完成后,直接呼叫该 Skill 的名称或使用
/miniade-dispatch触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
release 0.1.1
v0.1.0
release 0.1.0
元数据
常见问题
Dispatch (Claude Code) 是什么?
Launch non-blocking Claude Code headless tasks from slash command dispatch. Use when user requests async coding jobs and does not require slash-only Claude p... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 473 次。
如何安装 Dispatch (Claude Code)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install miniade-dispatch」即可一键安装,无需额外配置。
Dispatch (Claude Code) 是免费的吗?
是的,Dispatch (Claude Code) 完全免费(开源免费),可自由下载、安装和使用。
Dispatch (Claude Code) 支持哪些平台?
Dispatch (Claude Code) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Dispatch (Claude Code)?
由 Xi ErDe(@edxi)开发并维护,当前版本 v0.1.1。
推荐 Skills