← 返回 Skills 市场
mupengi-bot

skill-router

作者 mupengi-bot · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
950
总下载
1
收藏
5
当前安装
1
版本数
在 OpenClaw 中安装
/install mupeng-skill-router
功能描述
Context-based skill auto-routing + federated skill composition. Analyzes user input to auto-select single or multiple skills and execute in order. First gate...
安全使用建议
This skill is an orchestrator and is coherent with that purpose, but it asks the agent to execute other skills' run scripts and to only scan frontmatter (not full skill bodies). Before installing, consider: (1) Do you trust every skill already present in your workspace? Any skill with a run.sh could execute arbitrary commands when routed. (2) Ask the publisher to explicitly declare required config paths (workspace/events/memory) and to provide guardrails: require explicit approvals for side-effecting actions (git push, deploy, email/post), validate or sandbox run scripts, and perform full SKILL.md/code inspection rather than frontmatter-only. (3) Prefer testing the router in an isolated environment (non-production workspace) and enable verbose logging/audit trail and an allowlist of skills it may execute. If you can't verify those mitigations, treat this skill as higher risk and avoid making it the universal gateway.
功能分析
Type: OpenClaw Skill Name: mupeng-skill-router Version: 1.0.0 The `SKILL.md` file describes a core execution flow that directly executes scripts using `bash $WORKSPACE/skills/{name}/run.sh [args]`. The `{name}` and `[args]` components are derived from user input or other skill outputs, which presents a critical shell injection vulnerability. This design flaw could lead to Remote Code Execution (RCE) if inputs are not rigorously sanitized before command construction. While this is a severe vulnerability, there is no explicit evidence of intentional malicious behavior (e.g., data exfiltration, persistence) within the provided files, classifying it as suspicious rather than malicious.
能力评估
Purpose & Capability
The name/description (skill-router) aligns with orchestrating other skills, but the SKILL.md explicitly instructs reading files under $HOME/.openclaw/workspace and executing skills/*/run.sh. The registry metadata declares no required config paths or workspace access, so the skill's runtime expectations (file system access to workspace and executing per-skill scripts) are not reflected in the declared requirements — an incoherence.
Instruction Scope
The instructions tell the agent to: (1) scan only SKILL.md frontmatter (skip full body), (2) execute arbitrary scripts (bash $WORKSPACE/skills/{name}/run.sh), (3) write/read events/ files for chaining, and (4) auto-trigger subsequent skills. Skipping full-body reads weakens inspection and can hide malicious details. Direct execution of other skills' run scripts without additional validation/authorization grants this skill broad discretion to run arbitrary code and to chain side-effecting operations.
Install Mechanism
Instruction-only skill with no install spec, no downloads, and no declared binaries — minimal install risk. Nothing is written to disk by an installer here (the instructions themselves describe writing events at runtime).
Credentials
The skill declares no required env vars or credentials (consistent with being an orchestrator). However, the runtime instructions assume access to $HOME/.openclaw/workspace, events/, and memory/ paths even though no config paths were declared. That implicit filesystem access should be declared and justified.
Persistence & Privilege
always:false and no explicit persistent install is good, but the skill is intended as a 'first gateway' and to be used on every request. Its instructions enable autonomous invocation of many other skills (including running their scripts and auto-trigger rules), which increases blast radius. The skill also recommends token-saving heuristics that intentionally avoid full inspection of skills — combining broad autonomous invocation with reduced inspection is risky.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install mupeng-skill-router
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /mupeng-skill-router 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
initial batch publish
元数据
Slug mupeng-skill-router
版本 1.0.0
许可证
累计安装 5
当前安装数 5
历史版本数 1
常见问题

skill-router 是什么?

Context-based skill auto-routing + federated skill composition. Analyzes user input to auto-select single or multiple skills and execute in order. First gate... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 950 次。

如何安装 skill-router?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install mupeng-skill-router」即可一键安装,无需额外配置。

skill-router 是免费的吗?

是的,skill-router 完全免费(开源免费),可自由下载、安装和使用。

skill-router 支持哪些平台?

skill-router 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 skill-router?

由 mupengi-bot(@mupengi-bot)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论