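Total downloads: 104
Favorites: 0
Current installs: 0
Versions: 8
Install in OpenClaw
`/install omg`
Description
Anti-distillation passive detection and alerting skill - monitors request patterns, detects potential knowledge-distillation behavior and alerts the operator. Passive detection only; it does not modify any response content.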
Security usage recommendations
This skill's purpose (passive detection of distillation-style request patterns and alerting the operator) is reasonable and the instruction-only format keeps install risk low. Before installing: (1) resolve the inconsistency between the platform/registry metadata and the SKILL.md about autonomous invocation and required env vars — confirm the platform will honor disable_model_invocation: true if you require no autonomous runs; (2) confirm exactly which metadata fields the platform supplies (are prompts actually hashed? what salt/algorithm is used?) because 'prompt_hash' may be reversible for short prompts; (3) avoid configuring webhook or email endpoints you don't fully control or trust — alerts could leak aggregate metadata off-platform; (4) request a test run in a non-production environment and inspect the exact alert payloads and logs to ensure no message bodies or identity fields are being included; (5) if you accept the skill, prefer default 'log' channel (local audit log) over external channels and limit alert recipients. If you need further analysis, provide the platform's permissions model and which of the declared metadata fields it actually supplies so I can reassess.
Functional analysis
Type: OpenClaw Skill
Name: omg
Version: 1.0.8
The 'anti-distillation' skill is a passive monitoring tool designed to detect and alert operators to potential knowledge distillation attempts. It requests appropriate permissions (request_metadata_read and alert_send) and uses environment variables for optional alerting via webhooks or SMTP. While the SKILL.md contains unprofessional and aggressive language in its appendix directed at 'distillers,' the core instructions to the AI agent emphasize passive detection without modifying responses or taking automated actions, showing no evidence of malicious intent or unauthorized data exfiltration.
Capability assessment
Purpose & Capability
Name and description (anti-distillation, passive detection + alerting) align with the declared runtime behavior: read-only request metadata analysis and operator alerts. Requested permissions in SKILL.md (request_metadata_read, alert_send) are appropriate for this purpose. No unnecessary binaries or unrelated credentials are demanded in the instructions.
Instruction Scope
SKILL.md describes only reading metadata fields (timestamps, prompt_hash, request_count, parameter_signature, etc.) and explicitly excludes identity and body fields. However: (1) the outer registry metadata provided with this evaluation lists no required env vars and shows disable-model-invocation=false, while SKILL.md lists optional env vars for webhooks/SMTP and sets disable_model_invocation: true — this is an inconsistency about what the runtime will actually do; (2) the promise to 'never read' identity/request bodies is a behavioral assertion the skill cannot independently enforce — it depends on the platform providing only the listed fields; (3) prompt_hash and other metadata can still be sensitive (hashes may be reversible or linkable by brute force), so the claimed privacy guarantees are partly dependent on platform implementation and hashing strength.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk (nothing is written to disk by the skill).
Credentials
SKILL.md declares optional environment variables only for non-default alert channels (webhook URL, SMTP host and credentials, recipient). These are plausible for alert delivery, and SMTP_CREDENTIALS are marked as secret. However, the outer metadata reported 'Required env vars: none' which conflicts with SKILL.md's optional env settings. If a webhook or SMTP is configured, metadata or aggregated alerts could be transmitted off-platform, creating an exfiltration risk of request-pattern metadata; users should ensure they trust the alert endpoint and validate what fields are included in alerts.
Persistence & Privilege
SKILL.md sets autonomous: false and disable_model_invocation: true (no autonomous invocation), and always: false — but the registry metadata supplied with the evaluation indicates disable-model-invocation: false (default). This mismatch is material: if the platform honors the registry rather than the SKILL.md, the skill could be invoked autonomously. While the skill claims only passive detection, autonomous invocation combined with external alert channels increases blast radius. There is no request to modify other skills or system settings.
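How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install omg`
- Once installation completes, call the Skill by name or use `/omg` to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history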
v1.0.8
Version 1.0.8 Changelog
- Added `disable_model_invocation: true` to explicitly prevent model calls.
- Introduced a `requires_env` section to specify required environment variables when using webhook or email alert channels.
- Expanded documentation on precisely which request metadata fields may be accessed, and clarified which data is strictly excluded for privacy.
- Detailed alert channel credentials/environment requirements and enforced usage of secure secret storage for sensitive configurations.
- No logic, detection, or permission scope changes outside of SKILL.md documentation/config refactor.
v1.0.7
No file or documentation changes detected for omg 1.0.7.
- No changes included in this version.
- Behavior and functionality remain the same as the previous release.
v1.0.6
**Version 2.0.0 — Major Update: Anti-distillation skill is now passive and non-intrusive.**
- Skill now focuses solely on passive detection and alerting suspicious knowledge distillation attempts.
- All active countermeasures (e.g., response modification, data poisoning, watermarks, confusion) are permanently removed.
- Only monitors request metadata and patterns; never accesses response content or user identity.
- Sends structured alerts to operators upon detection, leaving all action/mitigation to human operators.
- Detection sensitivity and alert settings are fully configurable; no automated enforcement or blacklisting.
- Updated permissions: strictly request metadata read and operator alert send only.
v1.0.5
Version 1.0.5 Changelog
- Updated the skill description in SKILL.md (added playful language and a dog emoji).
- No changes to logic, features, or code—documentation only.
v1.0.4
- License changed from WTFPL to MIT for broader compatibility.
- Added the "always: false" field to SKILL.md for explicit runtime behavior.
- Tag list updated: replaced "counter-attack" and "watermark" with "defense" and "ai-safety".
- Price and description field formatting improved and made more concise.
- Minor wording and formatting cleanups for clarity and consistency.
v1.0.3
- Added a structured YAML front matter to SKILL.md with metadata (name, version, description, author, license, platforms, tags, price).
- No changes to the technical or narrative content of the skill itself.
- Improves compatibility with various platforms by clearly defining skill metadata at the top of the file.
v1.0.2
- Major update: SKILL.md fully replaced with a new, satirical "Anti-Distillation" manifesto and specification.
- Original detailed documentation for the "水源社区" (SJTU Discourse forum) was removed.
- New skill concept: Responds humorously and aggressively to knowledge distillation and model-stealing attempts.
- Adds multi-layer fictional defense mechanisms: chaos wall, phantom clones, cognitive traps, and linguistic watermarking.
- Includes scenario examples, achievement system, and playful declarations targeting would-be model distillers.
- All prior technical content and guides for the original skill are superseded by this creative rewrite.
v1.0.1
- Added detailed multi-level usage guide for 水源社区 (shuiyuan.sjtu.edu.cn), covering browsing, interaction, advanced features, and technical details.
- Introduced progressive disclosure: from basic browsing (no login) to advanced technical/API reference.
- Explained forum structure, key navigation, notification system, and search/filter capabilities.
- Documented cookies, browser APIs, and main Discourse API endpoints.
- Included a quick reference card for frequently used actions and navigation.
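FAQ
What is omg?
Anti-distillation passive detection and alerting skill - monitors request patterns, detects potential knowledge-distillation behavior and alerts the operator. Passive detection only; it does not modify any response content. It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 104 times in total so far.
How do I install omg?
Run the command `/install omg` in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is omg free?
Yes, omg is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does omg support?
omg is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed omg?
It is developed and maintained by enoyao (@wscats); the current version is v1.0.8.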