← 返回 Skills 市场
2306
总下载
1
收藏
11
当前安装
1
版本数
在 OpenClaw 中安装
/install moltbot-docker
功能描述
Enables the bot to manage Docker containers, images, and stacks.
安全使用建议
This skill appears to do what it says (manage Docker), but there are practical and security gaps you should address before installing:
- Verify the runtime: the SKILL.md expects the docker CLI and access to Docker daemon (e.g., /var/run/docker.sock). Confirm whether your agent environment actually provides Docker and whether the socket is exposed. Access to the Docker daemon is equivalent to root on the host — treat it as highly sensitive.
- Ask the skill author (or registry) to fix the metadata inconsistency (declare docker as a required binary) and to document whether it intends to use a local Docker socket or a remote/limited API.
- Restrict where this skill runs: if possible, run it in an isolated sandbox or against a remote Docker endpoint with least privilege rather than exposing the host Docker socket.
- Consider disabling autonomous invocation or require explicit user confirmations for destructive operations (rm, rmi, system prune) — the SKILL.md already recommends this but enforce it in the agent config.
- Be cautious about logs/inspect output: container logs and inspect can contain secrets or private data. Treat any data the skill returns as potentially sensitive.
If you can't confirm the environment and the author, test the skill in a disposable VM/container first or decline installation.
功能分析
Type: OpenClaw Skill
Name: moltbot-docker
Version: 1.0.0
The skill requests access to the `docker` binary, a powerful tool that, when executed, often operates with elevated privileges (e.g., as root or in the docker group). While the `SKILL.md` instructions list legitimate Docker management commands and even include safety rules for destructive actions, the inherent capability to execute arbitrary `docker` commands (including `docker inspect` which can reveal sensitive container configurations) represents a significant risk. This falls under 'risky capabilities without clear malicious intent' as it provides a powerful attack surface for potential privilege escalation or host compromise if the agent or the underlying Docker daemon is exploited, even though the skill itself does not explicitly instruct malicious behavior.
能力评估
Purpose & Capability
SKILL.md clearly implements a Docker manager (running docker ps, logs, inspect, rm, rmi, system prune). However, the registry metadata for the skill lists no required binaries while the skill header declares bins: ["docker"] — that's an inconsistency that should be clarified.
Instruction Scope
The runtime instructions are narrowly focused on Docker commands and include sensible safety rules (ask before rm/rmi/prune). They do instruct the agent to run docker logs/inspect which can expose sensitive container output (environment variables, secrets, files) and may leak data if transmitted. The instructions do not reference unrelated files or credentials.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest installation risk. Nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is fine. However, practical use requires access to the Docker CLI and to the Docker daemon (typically via /var/run/docker.sock or equivalent API). That socket grants effectively root-level control over the host; the SKILL.md does not mention this or recommend running against a restricted/remote Docker endpoint.
Persistence & Privilege
always:false and no install actions — the skill does not request permanent presence or modify other skills. Note: model invocation is allowed (agent can run autonomously) by default; combined with Docker daemon access, autonomous actions could have high impact, so consider limiting autonomy or requiring explicit confirmations.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install moltbot-docker - 安装完成后,直接呼叫该 Skill 的名称或使用
/moltbot-docker触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Docker Manager skill.
- Manage Docker containers, images, and stacks via built-in Docker commands.
- Provides command templates for common container and image operations.
- Includes safety rules to confirm critical or destructive actions.
- Guides troubleshooting with log and inspect commands.
元数据
常见问题
MoltDocker 是什么?
Enables the bot to manage Docker containers, images, and stacks. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2306 次。
如何安装 MoltDocker?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install moltbot-docker」即可一键安装,无需额外配置。
MoltDocker 是免费的吗?
是的,MoltDocker 完全免费(开源免费),可自由下载、安装和使用。
MoltDocker 支持哪些平台?
MoltDocker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MoltDocker?
由 mkrdiop(@mkrdiop)开发并维护,当前版本 v1.0.0。
推荐 Skills