← 返回 Skills 市场
emrys-hong

Nightly Workspace Audit

作者 Hong Pengfei · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
77
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install nightly-workspace-audit
功能描述
Nightly workspace audit — auto-discover file dependencies by scanning all workspace files for cross-references, manage HOT/WARM/COLD memory tiers, detect orp...
安全使用建议
This skill appears to do what it says (scan and clean an OpenClaw workspace) and does not request network credentials or external installs, which is good — but it will autonomously modify and delete workspace files based on heuristic rules. Before installing or running it: 1) insist on a dry-run mode that reports proposed changes without applying them; 2) require explicit user confirmation for any deletions/renames/moves; 3) back up your workspace first; 4) verify how it accesses session transcripts and cron jobs (ensure it only reads data you expect it to); and 5) clarify the local-overrides file path and keep a protected list of files the skill must never auto-modify.
功能分析
Type: OpenClaw Skill Name: nightly-workspace-audit Version: 1.0.0 The skill implements a workspace maintenance routine with broad permissions to read, move, and delete files across the environment (SKILL.md). It is classified as suspicious because it includes destructive actions like 'pruning' content and an indirect prompt injection risk where the agent is instructed to 'run additional checks' from a user-provided 'local-overrides.md' file. Additionally, it accesses sensitive session transcripts and cron job configurations to determine file usage (references/tier-rules.md), which are high-risk behaviors even if plausibly needed for the stated purpose.
能力评估
Purpose & Capability
The name/description match the actions in SKILL.md: scanning workspace files, building dependency graphs, and moving/archiving/cleaning files is consistent with a 'workspace audit'. Requesting no external credentials or installs is proportionate. Note: the skill expects access to workspace filesystem and agent-internal tooling (cron list, memory_search), which is reasonable for this purpose but high-impact.
Instruction Scope
The SKILL.md instructs the agent to read every .md/.json under workspace/, inspect cron job prompts and recent session transcripts (via memory_search), and to perform merges, deduplications, prunes, renames, and moves — including deleting entries and moving files to archive. Criteria for destructive actions are heuristic and sometimes vague ("confirmed no longer useful"), and there is no explicit step requiring user confirmation or a dry-run. The file referenced for local overrides is inconsistently named (mentions both local-overrides.md and references/local-overrides.md). These open-ended edit instructions create a real risk of unintended data loss.
Install Mechanism
No install spec and no code files (instruction-only). This minimizes supply-chain risk; nothing will be written to disk by an installer.
Credentials
The skill declares no required env vars, no credentials, and no config paths. Its need to read workspace files, cron entries, and session transcripts is proportional to the stated auditing purpose. However, the instructions implicitly rely on agent-internal tools (e.g., memory_search, cron list) that are not listed as explicit dependencies — reasonable but worth confirming with the platform.
Persistence & Privilege
always:false (good). The skill will modify workspace state (create/rename/move/delete files) when invoked; autonomous model invocation is allowed by platform default. Combined with the ambiguous deletion rules, this grants significant destructive capability during normal runs — recommend requiring explicit user confirmation or a safe dry-run mode before making changes.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install nightly-workspace-audit
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /nightly-workspace-audit 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: auto-discover file dependencies, HOT/WARM/COLD memory tiering, nightly cleanup and health report
元数据
Slug nightly-workspace-audit
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Nightly Workspace Audit 是什么?

Nightly workspace audit — auto-discover file dependencies by scanning all workspace files for cross-references, manage HOT/WARM/COLD memory tiers, detect orp... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 77 次。

如何安装 Nightly Workspace Audit?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install nightly-workspace-audit」即可一键安装,无需额外配置。

Nightly Workspace Audit 是免费的吗?

是的,Nightly Workspace Audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Nightly Workspace Audit 支持哪些平台?

Nightly Workspace Audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Nightly Workspace Audit?

由 Hong Pengfei(@emrys-hong)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论