← 返回 Skills 市场
NAS Agent Sync
作者
Nealbuilds
· GitHub ↗
· v1.1.0
802
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install nas-agent-sync
功能描述
Centralizes multi-agent file storage by routing all file operations through a designated File Master agent using SSH to a Synology NAS or any SSH-accessible...
安全使用建议
This skill is conceptually reasonable for centralizing agent files to a Synology NAS, but the SKILL.md and the registry metadata are inconsistent and the instructions ask agents to access and transmit local workspace files via sessions_send. Before installing or using it:
- Expect to manually provide an SSH key/account on the File Master; the skill should explicitly declare required binaries (ssh, rsync) and the credential handling method.
- Restrict the File Master to a dedicated account on the NAS with minimal permissions (dedicated home dir, no shell access beyond scp/rsync if possible). Consider a forced-command or restricted sftp/chroot account on the NAS.
- Do not place private keys or long-lived secrets in agent memory or SOUL.md; store the private key only on the File Master host, with proper filesystem permissions and rotation policy.
- Test with non-sensitive files first to confirm where file contents are logged or retained by the agent messaging (sessions_send). Add explicit size limits and content filters to avoid accidental exfiltration of secrets.
- If you enable scheduled backups, audit the backup payload and logs and ensure backup tasks run under a least-privilege account.
- Ask the skill author to update metadata to list required binaries (ssh, rsync, cron capability) and to declare what credentials the skill expects and how they should be provisioned.
If you cannot confirm these changes or control of the File Master account/NAS, treat installation as higher risk and avoid sending sensitive data through the system.
功能分析
Type: OpenClaw Skill
Name: nas-agent-sync
Version: 1.1.0
The skill bundle describes a legitimate NAS integration via SSH, but the `SKILL.md` instructions for the 'File Master' agent involve constructing and executing `ssh` and `rsync` commands with user-provided or inter-agent parameters (e.g., `[file]`, `[subfolder]`). This pattern introduces a significant shell injection vulnerability on the remote NAS if these parameters are not rigorously sanitized by the OpenClaw agent's execution environment, potentially allowing arbitrary command execution on the NAS. While the stated purpose is benign, the direct execution of shell commands with templated inputs represents a high-risk capability without explicit safeguards described in the skill itself.
能力评估
Purpose & Capability
The stated purpose (centralized NAS file storage via a single File Master over SSH) is coherent with the instructions (ssh, rsync, sessions_send, folder layout). However the registry metadata claims no required binaries or credentials even though the SKILL.md explicitly requires ssh, rsync, and an SSH key on the File Master — this omission is an inconsistency that should be corrected.
Instruction Scope
The SKILL.md instructs the File Master to run ssh/rsync commands, cat files, and send file contents back to requesting agents using sessions_send. That means agents will access local workspace paths (~/.openclaw/workspace-*/memory/) and transmit file content through agent messaging. Those actions can expose secrets or large files and should be narrowly scoped, audited, and documented; the instructions do not mandate any filtering, size limits, or content-sanitization.
Install Mechanism
This is an instruction-only skill (no install spec, no code files), which minimizes installation risk. There is no download/extract/install mechanism in the registry payload.
Credentials
The skill metadata lists no required environment variables or primary credential, yet the runtime workflow depends on an SSH key/account on the File Master and on the target NAS accepting key-based auth. Also it expects access to local user paths like ~/.openclaw/workspace-*/ — potentially containing sensitive data. The lack of declared credentials/tools is disproportionate to what the instructions actually require.
Persistence & Privilege
The skill does not request always:true and has no install-time persistence. However the README suggests scheduling recurring backups (cron job via OpenClaw), which would enable autonomous, scheduled file transfers and therefore increases impact if misconfigured. Autonomous invocation is allowed by default; this combination warrants caution but is not itself a disqualifying privilege.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nas-agent-sync - 安装完成后,直接呼叫该 Skill 的名称或使用
/nas-agent-sync触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
SECURITY FIX: Removed all specific agent names and setup details. Fully generalized examples.
v1.0.0
- Initial release of nas-agent-sync (v1.0.0)
- Introduces the File Master agent pattern for secure, centralized file storage via SSH
- Provides comprehensive setup and folder structure guides for Synology and compatible NAS systems
- Includes documented backup strategies using cron and rsync
- Recommends Tailscale for secure remote SSH access
- Supports multi-agent teams and various NAS/Linux storage platforms
元数据
常见问题
NAS Agent Sync 是什么?
Centralizes multi-agent file storage by routing all file operations through a designated File Master agent using SSH to a Synology NAS or any SSH-accessible... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 802 次。
如何安装 NAS Agent Sync?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nas-agent-sync」即可一键安装,无需额外配置。
NAS Agent Sync 是免费的吗?
是的,NAS Agent Sync 完全免费(开源免费),可自由下载、安装和使用。
NAS Agent Sync 支持哪些平台?
NAS Agent Sync 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 NAS Agent Sync?
由 Nealbuilds(@neal-collab)开发并维护,当前版本 v1.1.0。
推荐 Skills