← 返回 Skills 市场
97
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install model-config-check
功能描述
校验模型配置是否正确、模型是否可以正常连接和返回内容。当用户说"检查模型"、"测试模型"、"模型能不能用"、"模型配置"、"诊断模型问题"时使用。**每次修改模型配置(config.patch/config.apply涉及models.providers)后必须自动执行校验。** 用户只给模型名+API key时...
安全使用建议
This skill appears to do what it says (check model provider configs and call providers to verify responses) but has a few red flags you should address before installing: (1) The SKILL.md promises auto-detect/auto-write of provider config when a user gives only model+API key, but the included script does not implement writing/applying configs — clarify or remove the promise. (2) The script uses python3 and curl at runtime but the skill metadata lists no required binaries; ensure those tools exist on hosts where it will run. (3) The extractor prints API keys into its tab-separated output, which can leak keys to stdout/logs — restrict log access or modify the script to avoid printing secrets. (4) The skill expects to be auto-run on gateway config changes; if you enable automatic invocation, ensure it runs under appropriate permissions and that audit/logging is in place. Recommended next steps: review and harden the script to avoid printing secrets, add declared required binaries, test in a staging environment, and only enable automatic triggers after you confirm safe invocation hooks and logging controls.
功能分析
Type: OpenClaw Skill
Name: model-config-check
Version: 1.0.0
The skill bundle is designed to validate AI model configurations and connectivity. It provides instructions for the agent to automatically verify settings after configuration changes and includes a shell script (check_models.sh) that uses curl and Python to test API endpoints. While the skill handles sensitive data like API keys and performs network requests, these actions are strictly aligned with its stated purpose of diagnosing model issues, and there is no evidence of data exfiltration to unauthorized third parties or malicious execution logic.
能力评估
Purpose & Capability
The stated purpose (validate model configs, connectivity and model responses) matches the script's network and API checks. However SKILL.md also promises automatic creation and application of configs when the user supplies only model+API key and automatic triggering on gateway config changes; the provided script (scripts/check_models.sh) only reads ~/.openclaw/openclaw.json and validates providers — it does not implement auto-generation/appliance of config.patch or the 'auto-detect+write config' flow. Also the script relies on python3 and curl but the skill declares no required binaries.
Instruction Scope
Instructions require reading ~/.openclaw/openclaw.json and running the bundled check_models.sh — that is in-scope. But SKILL.md instructs additional behaviors (web searching to discover base URLs, writing config via gateway config.patch and restarting the gateway) that are not implemented in the script; these are broad actions that would modify configuration and trigger network calls. The script's extraction step prints provider apiKey into its tab-separated output (used internally), which increases the chance API keys are exposed in process output or logs.
Install Mechanism
No install spec (instruction-only + included shell script), so nothing is downloaded or installed by the skill itself. This is lower install risk. Note: runtime relies on system utilities (python3, curl, bash, mktemp) which are not declared in the skill metadata.
Credentials
The skill legitimately needs access to model provider configuration (api keys and base URLs) stored in ~/.openclaw/openclaw.json to perform checks. It requests no unrelated environment variables. However the script exposes apiKey values in the python extractor output (they are emitted into the PROVIDERS variable), which risks leaking secrets to logs or other observers — this handling is disproportionate if logs are not protected.
Persistence & Privilege
Skill metadata does not request always:true and is user-invocable, which is appropriate. SKILL.md's requirement that validation 'must automatically run' after gateway config.patch/config.apply/update.run implies integration with gateway event hooks or automatic invocation; the skill itself does not declare how it will be auto-triggered. If the platform wires this up to run automatically on config changes, that increases its blast radius and you should ensure proper authorization and auditing for automatic runs.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install model-config-check - 安装完成后,直接呼叫该 Skill 的名称或使用
/model-config-check触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of model-config-check skill.
- Automatically verifies model configuration and connectivity after provider/model changes or updates.
- Supports quick model addition by auto-detecting provider and filling configuration when only model name + API key are given.
- Runs comprehensive checks: configuration integrity, network, API authentication, and response validation.
- Provides users a detailed configuration report with results and troubleshooting advice.
- Supports both automatic and manual triggering for model diagnostics.
元数据
常见问题
Model Config Check 是什么?
校验模型配置是否正确、模型是否可以正常连接和返回内容。当用户说"检查模型"、"测试模型"、"模型能不能用"、"模型配置"、"诊断模型问题"时使用。**每次修改模型配置(config.patch/config.apply涉及models.providers)后必须自动执行校验。** 用户只给模型名+API key时... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 97 次。
如何安装 Model Config Check?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install model-config-check」即可一键安装,无需额外配置。
Model Config Check 是免费的吗?
是的,Model Config Check 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Model Config Check 支持哪些平台?
Model Config Check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Model Config Check?
由 PL Uncle(@jasonzhang2015)开发并维护,当前版本 v1.0.0。
推荐 Skills