← 返回 Skills 市场
Night Shift
作者
vardhineediganesh877-ui
· GitHub ↗
· v1.0.5
· MIT-0
79
总下载
0
收藏
0
当前安装
6
版本数
在 OpenClaw 中安装
/install night-shift
功能描述
Queue coding plans during the day, approve them, execute later in isolated worktrees, and inspect reports. Background agentic execution requires an explicitl...
安全使用建议
This skill appears coherent with its purpose, but it's powerful: it will create git worktrees, run subprocesses (including arbitrary shell phases), commit changes, and optionally call model CLIs or send Telegram messages if you configure tokens. Before installing or running Night Shift: 1) inspect the included scripts (especially git_manager.py, executor.py, and any wrappers) and the SKILL.md; 2) run everything in an isolated/disposable workspace (OPENCLAW_WORKSPACE=/tmp/night-shift-demo) and use dry-run first; 3) be cautious about providing optional tokens (CURSOR_API_KEY, TELEGRAM_BOT_TOKEN) — only enable them if you trust the environment; 4) note that the skill attempts to chown/chmod worktrees and modifies global git safe.directory — run it under the intended service account and avoid running as root in a sensitive system; 5) approve plans manually and avoid approving high-risk production actions without explicit review.
功能分析
Type: OpenClaw Skill
Name: night-shift
Version: 1.0.5
Night Shift is a comprehensive autonomous task-queueing and execution framework designed for engineering workflows. It manages a lifecycle of planning, user approval, and batch execution using git worktrees for isolation. While the skill possesses high-risk capabilities—including subprocess execution, filesystem modification, and global git configuration changes (scripts/git_manager.py)—these are strictly aligned with its stated purpose. Notably, the bundle includes proactive security measures, such as a command allowlist for verification steps and a content scanner (scripts/verifier.py) that checks for dangerous patterns like 'rm -rf /' or 'eval()'. No evidence of malicious intent, data exfiltration, or unauthorized persistence was found.
能力标签
能力评估
Purpose & Capability
Name/description match the implementation: a queued execution framework that creates git worktrees, runs phases via shell/agent CLIs, verifies, checkpoints, and reports. Requested binaries (python3, git) and optional CLIs (cursor/agent/claude) are proportional to the described functionality.
Instruction Scope
SKILL.md directs the agent to create/modify worktrees, run subprocesses, and call optional CLIs or Telegram when configured — this is expected. It also allows arbitrary 'shell' phases (which by design lets Night Shift run arbitrary commands inside a worktree). Users must review generated plans before approving; the skill explicitly documents this. No instructions were found that access unrelated system paths or external endpoints beyond optional notifications and model CLIs.
Install Mechanism
There is no download/install step in the manifest (skill is bundled with Python scripts). Nothing is fetched from untrusted external URLs during install. Code is provided as part of the skill, so review the bundled files before running.
Credentials
No required environment secrets are listed; optional env vars (OPENCLAW_WORKSPACE, NIGHT_SHIFT_DATA_DIR, CURSOR_API_KEY, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, etc.) are reasonable for optional features (workspace override, agent CLI auth, notifications). Users should not populate optional tokens unless they want notifications or Cursor access; docs explicitly advise against committing secrets.
Persistence & Privilege
The skill writes state and worktrees under the configured workspace (expected). Notable privileged actions in code: chown/chmod calls in git_manager (attempting to chown worktrees to 'coder:coder' and chmod paths) and a global 'git config --global --add safe.directory' call. These may require elevated privileges or produce side effects in user-global git config; the behavior is explained in docs but merits explicit review and caution before running in production contexts or under privileged accounts.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install night-shift - 安装完成后,直接呼叫该 Skill 的名称或使用
/night-shift触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.5
Registry package hardening: exclude local ops watchdog/notification/test helpers from public package, keep core executor/preflight/dry-run workflow, and reduce scanner noise while preserving local source/tests.
v1.0.4
Public package cleanup: exclude legacy/internal runner and BMAD helper paths from ClawHub package, keep core executor/preflight/dry-run flow, and reduce scanner surface while preserving tests.
v1.0.3
Scanner hardening: removed shell=True from verifier and phase shell runner, added allowlisted argv verification commands, retained read-only dry-run/preflight safeguards, and kept explicit capability metadata/docs.
v1.0.2
Trust and runner hardening: dry-run is read-only, added live preflight checks, declared runtime requirements/capabilities, documented security/install model, cleaned package artifacts, and improved systemd background environment.
v1.0.1
v1.0.1: add trust, permissions, and security scanner documentation explaining Night Shift's shell/git/subprocess automation model and safe first-run guidance.
v1.0.0
v1.0.0: initial public release of queued overnight coding workflow with isolated worktrees, phased execution, verification, checkpoints, reporting, and portable env-based configuration.
元数据
常见问题
Night Shift 是什么?
Queue coding plans during the day, approve them, execute later in isolated worktrees, and inspect reports. Background agentic execution requires an explicitl... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 79 次。
如何安装 Night Shift?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install night-shift」即可一键安装,无需额外配置。
Night Shift 是免费的吗?
是的,Night Shift 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Night Shift 支持哪些平台?
Night Shift 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Night Shift?
由 vardhineediganesh877-ui(@vardhineediganesh877-ui)开发并维护,当前版本 v1.0.5。
推荐 Skills