williamxxu

model_manager

Author: WilliamXXu · GitHub · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 106
Favorites: 0
Current installs: 0
Versions: 1
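Install in OpenClaw
/install modelmanager
Description
OpenClaw model management tool. Used to view, set, and manage the large language models that OpenClaw uses. Use it when the user mentions any of the following scenarios: switching models, viewing available models, setting fallback models, managing model degradation. Important: this skill may only be used after receiving explicit instruction from the user.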
Security usage advice
This skill aims to manage local OpenClaw models and is plausible, but there are several issues you should address before installing or using it unattended:
  1. Platform mismatch — the script calls a macOS-specific path (/Applications/QClaw.app/...) despite no OS restriction; don't install if you aren't on that platform or if that path is absent.
  2. Authorization mismatch — SKILL.md says modifications require explicit user permission but the script will perform changes when invoked; ensure the runtime enforces confirmations or only run on explicit user commands.
  3. Command injection — model IDs are interpolated into shell commands with shell=True; if the skill receives untrusted input this could execute arbitrary shell commands.
  4. Functional bug — the documented 'fallback list' command is not implemented consistently with argv parsing.
Recommended actions: review and patch the script (avoid shell=True, sanitize inputs, fix the fallback-list handling, remove hardcoded macOS paths or add platform checks), restrict autonomous invocation until fixes are applied, and test in a safe environment. If you cannot inspect and/or fix the code, treat the skill as risky and do not grant it autonomous execution rights.
Functional analysis
Type: OpenClaw Skill
Name: modelmanager
Version: 1.0.1
The skill contains a critical shell injection vulnerability in `scripts/model_manager.py`. The `run_cmd` function utilizes `subprocess.run(shell=True)` and directly interpolates user-provided arguments (like `model_id`) into shell commands without any sanitization. While the script's logic is consistent with its stated purpose of managing LLM configurations via a local helper script (`openclaw-mac.sh`), the implementation allows for arbitrary command execution if a malicious model ID is provided.
Capability assessment
Purpose & Capability
Name and description align with functionality: listing/setting models and managing fallbacks. However, the implementation calls a hardcoded macOS app script (/Applications/QClaw.app/.../openclaw-mac.sh) while the SKILL.md instructs running a workspace-local script path (~/.qclaw/workspace/skills/...). The skill claims to save changes to ~/.qclaw/agents/main/agent/models.json and ~/.qclaw/openclaw.json which is consistent with a model manager, but the hardcoded macOS wrapper makes the skill platform-specific despite no OS restriction.
Instruction Scope
SKILL.md states queries are safe and modifications require explicit user authorization, but the provided Python script performs modifications whenever invoked and does not itself enforce or prompt for user confirmation. The script also contains a bug/inconsistency for the documented 'fallback list' command (the code expects argv[1]=='fallback list' which is inconsistent with typical argv parsing and the documentation). These mismatches mean the runtime behavior may not respect the described safeguards.
Install Mechanism
No install spec or external downloads; the skill is instruction-only plus a local Python script, so there is no package-fetch or remote installer risk.
Credentials
The skill requests no environment variables or external credentials, which is proportional to its stated local-management purpose. Note: the script uses subprocess.run with shell=True and directly interpolates model IDs into shell commands, creating a command-injection risk if untrusted input is passed.
Persistence & Privilege
always is false (good), but disable-model-invocation is false so the agent may invoke the skill autonomously. Combined with the script not enforcing the described 'explicit user authorization' for modification commands and the shell-injection vulnerability, autonomous invocation increases risk. The skill does write through OpenClaw's CLI to local config files (models.json and openclaw.json) which is expected but privileged.
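How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install modelmanager
  3. Once installed, call the Skill by name or trigger it with /modelmanager
  4. Provide the required input according to the Skill's parameter description to get structured output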
Version history
v1.0.1
Initial release of the model-manager skill for OpenClaw:
- Adds a tool for viewing, setting, and managing large language models in OpenClaw.
- Provides query commands (list, status, fallback list) that do not require user authorization.
- Restricts modifying commands (set, fallback add/remove) to explicit user instructions.
- Includes clear usage instructions and command examples.
- Integrates with OpenClaw’s model management CLI for seamless operations.
Metadata
Slug: modelmanager
Version: 1.0.1
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 1
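FAQ

What is model_manager?

OpenClaw model management tool. Used to view, set, and manage the large language models that OpenClaw uses. Use it when the user mentions any of the following scenarios: switching models, viewing available models, setting fallback models, managing model degradation. Important: this skill may only be used after receiving explicit instruction from the user. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 106 total downloads to date.

How do I install model_manager?

Run the command "/install modelmanager" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.

Is model_manager free?

Yes, model_manager is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does model_manager support?

model_manager runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed model_manager?

Developed and maintained by WilliamXXu (@williamxxu); the current version is v1.0.1.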
