← 返回 Skills 市场
119
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install openclaw-essesseff
功能描述
Interact with the essesseff DevOps platform — call the essesseff Public API (templates, organizations, apps, deployments, images, image lifecycle, environmen...
安全使用建议
This skill appears internally consistent with its stated purpose, but it needs several powerful credentials and access to your GitHub org and Kubernetes context to run the onboarding flows. Before installing: (1) only proceed if you trust the essesseff project and its GitHub repo; (2) use least-privilege tokens (prefer fine‑grained GitHub PATs with exact scopes, rotate them after use); (3) keep .essesseff out of version control and follow the README guidance to delete notifications-secret.yaml after applying it; (4) run the onboarding utility in a controlled environment (correct kubectl context) and review the onboarding scripts in the cloned repo before executing; (5) if you only need read-only API operations, avoid providing org-admin PATs or running the create-app flows.
功能分析
Type: OpenClaw Skill
Name: openclaw-essesseff
Version: 1.0.2
The skill bundle facilitates high-privilege DevOps operations but exhibits suspicious patterns by requiring sensitive credentials (e.g., GITHUB_ORG_ADMIN_PAT with workflow scopes) and instructing the agent to clone and execute external shell scripts (essesseff-onboard.sh) from a remote repository (github.com/essesseff/essesseff-onboarding-utility). It also handles the retrieval of sensitive Kubernetes secrets via the /notifications-secret API endpoint. While aligned with its stated purpose of platform onboarding, the combination of fetch-and-execute behavior and broad credential requirements poses a high risk of abuse or supply-chain compromise.
能力评估
Purpose & Capability
Name/description match the manifest and SKILL.md. Required binaries (curl, bash, git, jq, kubectl) and environment variables (essesseff API key, account slug, GitHub PATs, ArgoCD machine-user token/email, template/app names, K8s namespace) are consistent with the two stated functions (direct API calls and running the onboarding shell utility).
Instruction Scope
SKILL.md instructs only API calls and the onboarding shell workflow (cloning templates, string replacement, creating repos, writing .env files for Argo CD, calling setup scripts). It explicitly documents what secrets are used and which are copied to per-repo .env files. It does not ask the agent to read unrelated system files or transmit secrets to unknown endpoints.
Install Mechanism
This is an instruction-only skill with no install spec and no archive downloads — lowest-risk install profile. All behavior comes from packaged docs and referenced shell scripts in the repo.
Credentials
The skill requests multiple sensitive credentials (ESSESSEFF_API_KEY, ESSESSEFF_ACCOUNT_SLUG, GITHUB_ORG_ADMIN_PAT, GITHUB_TOKEN, ARGOCD_MACHINE_USER/EMAIL). These appear justified by the two operation modes (subscriber mode requires essesseff API key and account slug; non-subscriber app creation requires an org-admin PAT; Argo CD setup requires a machine-user token/email). Users should ensure tokens use minimal scopes (prefer fine-grained PATs) and understand which token is used for which operation.
Persistence & Privilege
The skill is not always-enabled and does not request elevated agent-wide persistence. It writes per-repo .env files and may write a local .essesseff config file when running the onboarding utility — behavior expected and documented. It does not modify other skills or system-wide agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-essesseff - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-essesseff触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Added ESSESSEFF_ACCOUNT_SLUG, GITHUB_ORG_ADMIN_PAT, TEMPLATE_NAME, TEMPLATE_IS_GLOBAL, and K8S_NAMESPACE to required environment variables.
- Specified ESSESSEFF_API_KEY as the primary environment variable.
- No changes to functionality or API usage; metadata requirements updated for improved clarity and integration.
v1.0.1
- Added new binary requirements: bash, git, jq, kubectl.
- Introduced additional required environment variables: GITHUB_TOKEN, ARGOCD_MACHINE_USER, ARGOCD_MACHINE_EMAIL, GITHUB_ORG, APP_NAME.
- No other functional or documentation changes detected.
v1.0.0
Initial release of the openclaw-essesseff skill.
- Enables interaction with the essesseff DevOps ALM platform via both HTTP API and onboarding utility shell script.
- Supports management of templates, organizations, apps, deployments, images, image lifecycle, environments, retention policies, and packages.
- Automates app creation and Argo CD environment setup using essesseff-onboard.sh.
- Provides detailed API endpoint mapping for both global and account-specific actions.
- Documents required authentication, rate limits, lifecycle actions, and error codes.
元数据
常见问题
essesseff DevOps ALM 是什么?
Interact with the essesseff DevOps platform — call the essesseff Public API (templates, organizations, apps, deployments, images, image lifecycle, environmen... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 119 次。
如何安装 essesseff DevOps ALM?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-essesseff」即可一键安装,无需额外配置。
essesseff DevOps ALM 是免费的吗?
是的,essesseff DevOps ALM 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
essesseff DevOps ALM 支持哪些平台?
essesseff DevOps ALM 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 essesseff DevOps ALM?
由 adamdurst(@adamdurst)开发并维护,当前版本 v1.0.2。
推荐 Skills