← 返回 Skills 市场
MYR
作者
JordanGreenhall
· GitHub ↗
· v1.3.0
· MIT-0
501
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install myr
功能描述
Capture, verify, search, export, import, and synthesize Methodological Yield Reports to compound OODA cycle learnings across Starfighter/Pistis intelligence...
安全使用建议
This skill appears to do what it says, but it carries real operational risk. Before installing: (1) do NOT run the one-line curl | bash without review—download the install script and inspect it first; (2) prefer cloning the repository and auditing the code (especially install.sh and server/index.js) before npm install; (3) run initial tests in an isolated VM or container, not on a production host; (4) avoid exposing the node_url to the public internet—use Tailscale/VPN and firewall rules, and restrict inbound ports; (5) review how keys and config.json are stored and back up secrets securely; (6) require authenticated peer pairing where possible and be cautious about accepting peer announces—unauthenticated discovery can leak metadata; (7) request signed releases or checksums from the author if you need to deploy widely. If you cannot review the code or run it in isolation, consider treating this as untrusted software.
功能分析
Type: OpenClaw Skill
Name: myr
Version: 1.3.0
The skill bundle instructs the agent to perform high-risk operations, including a 'curl | bash' installation from a remote GitHub repository and the setup of a persistent background service on macOS using launchd (com.myr.server.plist). While these actions support the stated goal of a peer-to-peer intelligence system, the combination of remote script execution, automated network synchronization, and an 'auto-approve' trust mechanism for remote peers creates a significant attack surface for data exfiltration or unauthorized access. These instructions are primarily contained within SKILL.md.
能力评估
Purpose & Capability
The name/description (capture, verify, search, export/import, synthesize MYRs) matches the SKILL.md. All runtime instructions (key generation, signing, export/import, search, verification, server for peer sync) are consistent with an intelligence-compounding P2P node.
Instruction Scope
The SKILL.md instructs the agent/operator to run networked services, generate persistent keys/config, run multiple node scripts, and open services for peer sync. It recommends setting MYR_HOME, running npm scripts, starting an HTTP server, and creating a launchd plist for persistence. The server exposes discovery and announce endpoints with no auth and supports automatic peer sync—this broad network behavior increases risk of data leakage or unwanted connectivity. The instructions do not ask for unrelated system files or external credentials, but they do direct persistent, network-exposing actions that go beyond a purely local helper.
Install Mechanism
The recommended 'one-step' install uses piping a raw GitHub-hosted install.sh to bash (curl -fsSL https://raw.githubusercontent.com/... | bash), which executes remote code without local review. The manual install path uses git clone + npm install (which will pull third-party npm packages). No checksums, signatures, or pinned release artifacts are provided. These practices elevate risk compared to a reviewed package or signed release.
Credentials
The skill does not request external environment variables or credentials in metadata. It does instruct creation of local keys and writing node_uuid/node_id to config.json and recommends setting MYR_HOME. Those local artifacts are proportional to a P2P node, but storing keys/config on disk and advertising node_url publicly are sensitive and should be handled carefully.
Persistence & Privilege
The documentation explicitly instructs creating a persistent service (macOS launchd example) and running a long-lived HTTP server that peers can reach. While the skill is not force-installed (always:false), installing it as described creates persistent network-facing behavior which increases attack surface and exposure if the software or its dependencies are compromised.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install myr - 安装完成后,直接呼叫该 Skill 的名称或使用
/myr触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
One-step install.sh; Hermes/Python integration example; README updates
v1.1.0
Add HTTP server for live peer sync, launchd persistent service setup, peer management CLI (add-peer, approve-peer, fingerprint exchange), Tailscale networking guide, shareable report marking
v1.0.0
Initial publish: MYR skill for Starfighter/Pistis intelligence compounding
元数据
常见问题
MYR 是什么?
Capture, verify, search, export, import, and synthesize Methodological Yield Reports to compound OODA cycle learnings across Starfighter/Pistis intelligence... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 501 次。
如何安装 MYR?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install myr」即可一键安装,无需额外配置。
MYR 是免费的吗?
是的,MYR 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
MYR 支持哪些平台?
MYR 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MYR?
由 JordanGreenhall(@jordangreenhall)开发并维护,当前版本 v1.3.0。
推荐 Skills