Total downloads: 302
Favorites: 0
Current installs: 1
Versions: 4
Install in OpenClaw
/install nova-permission-system
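Description
Provides a complete permission authentication system, including permission checks, identity management, approval workflows and permission configuration templates, with support for multi-platform account binding and auditing.
Security recommendations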
Things to do before installing or enabling:
- Don’t immediately copy the AGENTS.md rules into your global agent config. Back up AGENTS.md and other configs first.
- Review the sub-skills' SKILL.md files: permission-gate and identity-management declare always:true which forces persistent inclusion — remove or change this flag if you don't want them always-loaded.
- Inspect and test the Python code in a sandbox. There are multiple inconsistencies (e.g., some functions expect {"users": [...] } but bundled data templates are plain arrays). These will likely cause runtime errors or unexpected behavior.
- Confirm and restrict filesystem permissions for /workspace/data, /workspace/config, and /workspace/logs (audit.log) because logs and user data may contain personal information.
- Run the skill in an isolated test agent (not your production assistant) and exercise edge cases: missing open_id, malformed data, and approval flows.
- If you accept the global-enforcement model, prefer manual configuration of AGENTS.md by a trusted admin rather than blindly pasting the provided block.
- If you are not comfortable with skills that alter agent-wide behavior or force persistent inclusion, decline or modify the skill to be opt-in (remove always:true) and fix the data-format/code mismatches first.
Functional analysis
Type: OpenClaw Skill
Name: nova-permission-system
Version: 1.0.3
The 'nova-permission-system' is a functional role-based access control (RBAC) and identity management framework designed for AI agents. It implements a 'gatekeeper' pattern using Python modules (main.py, middleware.py) and JSON-based data storage to manage user roles (owner, friend, stranger) and verify identities via secret codes. The skill bundle includes comprehensive instructions for the agent to enforce permission checks before executing sensitive operations and provides an audit logging mechanism (audit.py) to track security events. No evidence of data exfiltration, malicious code execution, or backdoors was found; the system appears legitimately designed to enhance the security of the AI environment.
Capability assessment
Purpose & Capability
Name/description (permissions, identity, approvals) match the included modules (permission-check, permission-gate, identity-management, audit). No external credentials or unrelated binaries are requested, so capability requests are broadly proportionate to purpose. However, the SKILL.md explicitly instructs edits to a global AGENTS.md to make the skill mandatory for all non-conversational operations, which goes beyond a normal self-contained skill and affects agent-wide behavior.
Instruction Scope
Runtime instructions require you to modify AGENTS.md to insert mandatory security rules that force calling permission-gate and identity-management before any non-conversational operation. That is a cross-cutting, agent-level change (scope creep). The skill's own SKILL.md and sub-skill docs also insist on 'must' behavior and 'never skip' rules — this grants the skill influence over global agent decision flow. Additionally, some instructions reference /workspace files and require copying templates into /workspace/data, which means the skill will read/write your workspace data and log files.
Install Mechanism
No remote install or downloads are declared (instruction-only plus bundled source files). There is no network retrieval of code during install. Risk is limited to files being written into /workspace (data, config, logs) and the user manually editing AGENTS.md as instructed.
Credentials
The skill requests no environment variables or external credentials, which is proportional. However, it requires read/write access to workspace data/config/log paths (/workspace/data, /workspace/config, /workspace/logs) and will store audit logs and user/account data locally; these files may contain PII, so protect them. Also note multiple code/data mismatches (e.g., code expects JSON objects with a top-level 'users' or 'accounts' key while provided templates are plain arrays) — this indicates likely runtime errors or a need for manual data normalization.
Persistence & Privilege
While the top-level skill has always:false in registry metadata, two included sub-skill SKILL.md files (permission-gate and identity-management) declare metadata marking them as always:true. That gives them permanent inclusion in agent runs (a high-privilege presence). Combined with the instruction to edit AGENTS.md to enforce mandatory calls, this provides the skill broad, persistent control over agent behavior. Consider this a significant privilege that should be consciously authorized.
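How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install nova-permission-system
- After installation, call the Skill by name or use /nova-permission-system to trigger it
- Provide the necessary inputs according to the Skill's parameter description to get structured output
Version history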
v1.0.3
Added instructions for the mandatory post-installation step (modifying the AGENTS.md security rules)
v1.0.2
Enriched the tags and improved the description
v1.0.1
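- Added a system overview and core highlights, emphasizing security and ease of use.
- Reworked the title and opening section in a more product-oriented, promotional style.
- The remaining installation, configuration and usage guides are unchanged.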
v1.0.0
Initial release of nova-permission-system.
- Provides a complete permissions authentication system, including permission checking, permission gateway, identity management, and approval flow.
- Includes modules for user and role management, permission configuration, auditing, and data templates.
- Offers a step-by-step installation and integration guide, with code examples for usage in authentication, identity verification, and approval requests.
- Supports test mode, white-listing, and customizable permission rules via configuration files.
- Contains troubleshooting tips, regular maintenance recommendations, and backup instructions.
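FAQ
What is Nova Permission System?
Provides a complete permission authentication system, including permission checks, identity management, approval workflows and permission configuration templates, with support for multi-platform account binding and auditing. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 302 cumulative downloads to date.
How do I install Nova Permission System?
Run the command "/install nova-permission-system" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.
Is Nova Permission System free?
Yes, Nova Permission System is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does Nova Permission System support?
Nova Permission System runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).
Who developed Nova Permission System?
It is developed and maintained by rancho718 (@rancho718); the current version is v1.0.3.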