← 返回 Skills 市场
3438
总下载
1
收藏
36
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-ops-guardrails
功能描述
OpenClaw 运维防呆与排障标准化技能。用于跨设备(Gateway + Mac nodes)巡检、远程执行稳定性治理、CLI-only 兼容、配对/审批异常排查、以及对外发布前脱敏检查。用户提到“又报错了/审批超时/pairing required/system.run failed/如何标准化运维规则”时使用。
安全使用建议
Install only after reviewing the failure playbook. Do not leave approval prompts disabled, use any full-access mode only temporarily and under supervision, and replace command-line tokens with a safer secret mechanism such as an environment variable, secure prompt, or credential store.
功能分析
Type: OpenClaw Skill
Name: openclaw-ops-guardrails
Version: 0.1.1
The skill bundle is designed for operational troubleshooting and includes explicit security-enhancing instructions like `openclaw security audit --deep` and a `Publish Sanitization Checklist`. However, it is classified as 'suspicious' due to the presence of commands that can reduce security controls or leverage powerful tools. Specifically, `references/failure-playbook.md` instructs the agent to set `security=full, ask=off, askFallback=full` to disable approval mechanisms for troubleshooting, which is a significant security control bypass. Additionally, it uses `ssh openclaw-gateway 'hostname; whoami'` for diagnostics, which, while for a stated purpose, involves shell execution via SSH and carries inherent risks if not properly secured or if inputs are compromised. There is no clear evidence of intentional malicious behavior like data exfiltration or backdoor installation.
能力评估
Purpose & Capability
The stated operations and security-audit purpose fits troubleshooting commands, SSH diagnostics, and publish-sanitization guidance, with no evidence of deception or exfiltration.
Instruction Scope
The failure playbook reportedly instructs use of full security with approvals disabled for troubleshooting without clear time limits, prerequisites, or rollback guidance.
Install Mechanism
No installer behavior or package setup evidence indicates hidden persistence, unrelated downloads, or automatic execution beyond the skill documentation.
Credentials
The gateway-token probe pattern puts a sensitive token directly in a command-line example, which can leak through shell history, process listings, or logs.
Persistence & Privilege
Disabling approval prompts while enabling broad execution authority is high-impact and not sufficiently scoped, even though it is framed as troubleshooting.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-ops-guardrails - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-ops-guardrails触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
Hardened sanitization: redact server IPs, domains, API endpoints/paths, callbacks, and identifiers
v0.1.0
Initial release: node exec guardrails, failure playbook, sanitization checklist
元数据
常见问题
OpenClaw Ops Guardrails 是什么?
OpenClaw 运维防呆与排障标准化技能。用于跨设备(Gateway + Mac nodes)巡检、远程执行稳定性治理、CLI-only 兼容、配对/审批异常排查、以及对外发布前脱敏检查。用户提到“又报错了/审批超时/pairing required/system.run failed/如何标准化运维规则”时使用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3438 次。
如何安装 OpenClaw Ops Guardrails?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-ops-guardrails」即可一键安装,无需额外配置。
OpenClaw Ops Guardrails 是免费的吗?
是的,OpenClaw Ops Guardrails 完全免费(开源免费),可自由下载、安装和使用。
OpenClaw Ops Guardrails 支持哪些平台?
OpenClaw Ops Guardrails 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Ops Guardrails?
由 xyezir(@xyezir)开发并维护,当前版本 v0.1.1。
推荐 Skills