← 返回 Skills 市场
lz84

Multi User Privacy

作者 lz84 · GitHub ↗ · v0.9.2 · MIT-0
cross-platform ⚠ suspicious
340
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install multi-user-privacy
功能描述
Automatically identifies users, isolates memories, filters sensitive content, manages sessions and sub-agents, and enforces role-based privacy and quota cont...
安全使用建议
This skill is feature-rich and mostly coherent with a 'multi-user privacy' purpose, but there are several red flags you should check before installing: - Review the code yourself (or have an engineer do it) before running any install/post-install scripts (auto-mount, auto-create-subagents, monitoring start scripts). Those scripts run on your machine and can create services, cron jobs, or write files under ~/.openclaw. - The 'cold-start' flow lets the first user who talks to a fresh instance designate the admin account. On a new deployment that could be any external user — consider disabling or changing this behavior before using in production. - The skill includes a web-admin server and monitoring/alert scripts. If you enable them, make sure they are bound to localhost or protected by authentication and firewall rules. Do not expose the admin UI publicly without auditing it. - The project references external integrations (GitHub publishing, 飞书/other alerts) but declares no required env vars. If you provide tokens/webhooks, audit where they are stored and ensure the code uses them only for intended actions. - Test in an isolated environment (VM/container) first. Verify that automatic subagent creation, pending-queue processing, and sessions_spawn interactions behave as expected and do not create unintended processes or network listeners. - If you plan to use it in a shared or production instance, require an explicit admin approval step for subagent creation and remove/modify the cold-start 'first-user becomes admin' flow. Bottom line: the skill is not obviously malicious, but it performs privileged, persistent, and networked operations; proceed only after code review and running inside a controlled/sandboxed environment.
功能分析
Type: OpenClaw Skill Name: multi-user-privacy Version: 0.9.2 The bundle implements an extensive multi-user management system but utilizes highly intrusive and insecure methods. Key concerns include 'scripts/auto-inject.js', which monkey-patches the core Node.js 'fs' module to intercept all file read/write operations, and 'scripts/inject-hook.js', which automatically modifies the main application entry points (e.g., main.js) to insert global hooks. Additionally, 'web-admin/server.js' launches a web server on port 3456 that lacks any authentication mechanism, potentially allowing unauthorized network users to manage user quotas and sub-agents. While these features support the stated goal of privacy enforcement, the combination of intrusive system modifications and significant security vulnerabilities warrants a suspicious classification.
能力评估
Purpose & Capability
The codebase (privacy-guard, subagent integration, session persistence, web-admin, monitoring, quota manager) aligns with the stated multi-user privacy, isolation, and quota goals. However the project also includes web server components, monitoring/alert scripts, GitHub publish scripts and '飞书' alert mentions but declares no required env vars or credentials — a mismatch between claimed integrations and declared requirements. The presence of many system-level scripts (auto-mount, auto-create-subagents.sh, systemd/cron examples) is heavier than a minimal 'privacy guard' and should be expected only if you want full gateway/service-level integration.
Instruction Scope
SKILL.md and scripts instruct the agent / operator to read and write many local config and state files (~/.openclaw/workspace, .user-context.json, memory files, router-db, pending queue, quota DB) and to integrate directly into the Gateway message flow. It also prescribes automatic creation of subagents (pending queue → sessions_spawn), running scripts, restarting gateway, and starting a web admin on port 3456. Those instructions grant broad filesystem and runtime control and include a 'cold-start' flow that allows the first contact user to set the administrator identity — a significant trust boundary that could be abused on a fresh instance.
Install Mechanism
No install spec is registered in the metadata (instruction-only), so the package does not automatically download remote code during install. That reduces supply-chain risk from the registry metadata. However docs and release notes reference post-install scripts (node auto-mount.js) and a GitHub release; following those manual steps will execute local scripts from this package, so users should review them before running.
Credentials
The skill requests no environment variables or credentials in its registry metadata, yet the codebase and docs reference external integrations (GitHub publishing, 飞书 alerts, monitoring, web admin) that normally require tokens/webhooks. That mismatch is concerning because the code contains tooling that reads/writes local credential-bearing config files and can start network services without declaring needed secrets. Also the skill manipulates local agent config/state files (user context, memory, router DB), which is proportionate to its goals but means it will have access to potentially sensitive local data.
Persistence & Privilege
While the skill is not marked always:true, it installs components that intend to run persistently (web-admin server, monitoring, cron/systemd examples, scripts to process pending queues) and instructs integration with the Gateway message pipeline. The cold-start design (first user can set admin) and the automatic subagent creation (no manual approval) increase privilege and persistence risk on new deployments. Combined, these behaviors create a substantial runtime footprint that should be intentionally approved and sandboxed.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install multi-user-privacy
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /multi-user-privacy 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.9.2
- Initial release of v0.9.2 with 90 new files added. - Introduced session management, memory isolation, privacy guard, and quota logic. - Added scripts and documentation for multi-user privacy, subagent auto-creation, and configuration. - Included project plans, technical reports, and detailed setup guides. - Core features implemented: strict privacy checks, physical memory isolation per user, session routing, and quota enforcement. - Provided integration instructions for use with ClawHub/OpenClaw systems.
v0.9.1
**Big change: All documentation and config/example files have been removed from the package.** - Removed 88 files, including all markdown documentation, configuration samples, project planning, status, and test report files. - Core code and feature set remain unchanged. - Only essential functionality is preserved; all guides, READMEs, and auxiliary materials are now excluded from distribution.
v0.9.0
v0.9.0 introduces automatic sub-agent creation through the Gateway. - Gateway now detects new users on message receipt and auto-creates dedicated sub-agents. - Pending queue mechanism added for sub-agent assignment; messages routed automatically to the correct sub-agent. - New admin and user quota management system implemented, supporting auto-reset and usage logs. - Multiple privacy features improved: enhanced identity recognition, session/user memory isolation, real-time privacy checks, and permissions. - Configuration hot-reload supported; performance and cache optimizations applied. - Session management, quota control, and logging tools available via scripts.
元数据
Slug multi-user-privacy
版本 0.9.2
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Multi User Privacy 是什么?

Automatically identifies users, isolates memories, filters sensitive content, manages sessions and sub-agents, and enforces role-based privacy and quota cont... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 340 次。

如何安装 Multi User Privacy?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install multi-user-privacy」即可一键安装,无需额外配置。

Multi User Privacy 是免费的吗?

是的,Multi User Privacy 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Multi User Privacy 支持哪些平台?

Multi User Privacy 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Multi User Privacy?

由 lz84(@lz84)开发并维护,当前版本 v0.9.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论