← 返回 Skills 市场
115
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-admin-main
功能描述
Provides a web interface to monitor OpenClaw nodes, manage agent configurations, oversee resource usage, security policies, and review system logs.
安全使用建议
This package appears to implement what it claims (a web admin UI plus a Node.js backend), but the registry metadata and SKILL.md do not fully describe how to install, run, or supply credentials. Before installing or running: 1) Treat the source as untrusted until you verify origin—the Homepage is missing and owner is unknown. 2) Inspect server/index.js and server/gateway.js to confirm there are no hardcoded remote endpoints or telemetry/exfil behavior. 3) Do not provide production OpenClaw tokens or passwords until you run it in an isolated test VM or container. 4) Expect to run: npm install, npm run build, and npm run start (or node --env-file=.env server/index.js) and to supply env vars (OPENCLAW_WS_URL, OPENCLAW_AUTH_TOKEN or OPENCLAW_AUTH_PASSWORD, PORT). 5) Restrict network access (firewall, bind to localhost) and review .env.example to understand which secrets the app will read. 6) Consider running npm audit, verifying dependency integrity, and running the server in a sandbox/container with limited filesystem and network privileges. If you want, share server/index.js and server/gateway.js contents and I can point out specific lines to review for sensitive operations or hidden endpoints.
功能分析
Type: OpenClaw Skill
Name: openclaw-admin-main
Version: 0.2.8
The bundle provides a legitimate administrative dashboard for OpenClaw, offering features such as remote terminal access via 'node-pty', file system management, and system monitoring. High-risk capabilities, including the ability to execute shell commands for NPM updates and spawning VNC sessions for remote desktop access (found in 'server/index.js'), are clearly aligned with the tool's stated purpose as an administrative interface. While some endpoints exhibit potential vulnerabilities like weak input sanitization in the media and update handlers, there is no evidence of intentional malice, obfuscation, or unauthorized data exfiltration. The inclusion of 'ssh2' and 'better-sqlite3' supports the documented management and logging features.
能力标签
能力评估
Purpose & Capability
The codebase (frontend + server + RPC/WebSocket client + sqlite storage + terminal/SSH support) matches the claimed purpose (administrative dashboard for OpenClaw). However the skill metadata declares no required environment variables or binaries even though package scripts and .env.example show the server expects OPENCLAW_WS_URL, OPENCLAW_AUTH_TOKEN / OPENCLAW_AUTH_PASSWORD, PORT, and other envs. That omission is an inconsistency that should be corrected before trusting/Installing.
Instruction Scope
SKILL.md gives a high-level deployment command (clawhub publish ...) and prerequisite notes but omits concrete developer/run steps present in package.json (npm install, npm run build, npm run start or node --env-file=.env server/index.js) and does not warn that the backend will open network ports and persist to a SQLite DB. The runtime instructions therefore under-specify operations that materially affect the system (network listeners, local database, possible terminal/SSH features).
Install Mechanism
There is no explicit install spec in the skill registry (instruction-only), but a full codebase with package.json is included. Installation will require npm install / build and will pull many dependencies (express, ws, ssh2, node-pty, better-sqlite3, etc.). Those dependencies are consistent with the app's features; there are no obvious external download URLs or extract steps in the manifest. The risk here is operational (missing install guidance) rather than supply-chain downloads from suspicious hosts.
Credentials
The registry declares no required environment variables or credentials, yet the code and .env.example reference gateway connection credentials (OPENCLAW_WS_URL, OPENCLAW_AUTH_TOKEN, OPENCLAW_AUTH_PASSWORD), possibly media/storage paths, and server ports. The backend can access local filesystem (data directory, sqlite) and network (connecting to OpenClaw Gateway, listening for incoming connections, SSH/remote terminal). Requesting gateway credentials and the ability to run a networked backend is proportionate to an admin console, but the omission from declared metadata and lack of explicit guidance about safely providing secrets is a concern.
Persistence & Privilege
The project contains a server component that persists data (better-sqlite3 database files) and opens network interfaces. The skill metadata does not request always:true and does not claim automatic persistent presence. That is consistent: the backend must be run explicitly to be persistent. However, SKILL.md doesn't warn users that running the server will create local databases and listen on ports, so the persistence implications are under-documented.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-admin-main - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-admin-main触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.8
- Added comprehensive SKILL.md documentation describing the administrative web interface for OpenClaw.
- Details on node monitoring, agent configuration, and system oversight now available.
- Provides installation, setup, and troubleshooting guidance for easier deployment and management.
元数据
常见问题
OpenClaw Admin Main 是什么?
Provides a web interface to monitor OpenClaw nodes, manage agent configurations, oversee resource usage, security policies, and review system logs. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 115 次。
如何安装 OpenClaw Admin Main?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-admin-main」即可一键安装,无需额外配置。
OpenClaw Admin Main 是免费的吗?
是的,OpenClaw Admin Main 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Admin Main 支持哪些平台?
OpenClaw Admin Main 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Admin Main?
由 wufan2026(@wufan2026)开发并维护,当前版本 v0.2.8。
推荐 Skills