← 返回 Skills 市场
1513
总下载
0
收藏
4
当前安装
3
版本数
在 OpenClaw 中安装
/install openclaw-signet
功能描述
Cryptographic skill verification. Sign installed skills with SHA-256 content hashes and verify they haven't been tampered with. Detects modified, added, and removed files within skill directories. Free alert layer — upgrade to openclaw-signet-pro for rejection, quarantine, and trust chain restoration.
安全使用建议
This tool appears to do what it says: locally sign and verify skills and optionally quarantine or restore them. Before installing or running: (1) review the included scripts/signet.py yourself (it's a single-file Python tool) because it will write manifests and move/rename skill directories when you use quarantine/reject/restore; (2) back up your workspace (or ensure version control) before using quarantine/reject or restore operations; (3) run sign once after installing trusted skills to create the initial manifest; (4) consider file-permission protection for the .signet/manifest and snapshots if you want to prevent unauthorized local modification; (5) be aware that if you allow autonomous agent invocation, the agent could run this script and perform quarantines or restores — that behavior is expected but may be impactful, so restrict agent privileges if you want to avoid automated modifications.
功能分析
Type: OpenClaw Skill
Name: openclaw-signet
Version: 1.0.2
The OpenClaw Signet skill is designed for a security-enhancing purpose (cryptographic verification of other skills) and lacks direct evidence of malicious intent, such as data exfiltration or backdoor installation. However, it is classified as 'suspicious' due to its powerful file system manipulation capabilities (`shutil.move`, `shutil.copytree`, `shutil.rmtree`) within the `scripts/signet.py` file. While these operations are necessary for its stated purpose (quarantining, snapshotting, restoring skills), the script allows the `--workspace` argument to be user-defined or derived from environment variables. This presents a significant vulnerability if an AI agent or user were prompted to specify a malicious workspace path (e.g., a critical system directory), potentially leading to unintended data loss or system disruption, even though the skill itself does not *intend* to cause harm.
能力评估
Purpose & Capability
Name/description (sign and verify skills with SHA-256) matches the files and instructions. The script only needs python3 and operates on the workspace/skills tree, computes file hashes, and writes a local manifest and snapshots/quarantine directories. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md instructs running the included Python script with a --workspace argument. The script's visible behaviour is limited to walking skill directories, hashing files, saving a manifest, and taking local actions (quarantine/snapshots/restore). It only reads optional OPENCLAW_WORKSPACE env var to locate the workspace; it does not reference other system paths or transmit data externally in the shown code.
Install Mechanism
There is no installer; this is instruction-plus-script. README suggests cloning the repo into the workspace. No network calls or remote downloads are performed by the script (stdlib-only). No extract/download install steps are present in the registry metadata.
Credentials
The skill declares no required environment variables or credentials. The script optionally reads OPENCLAW_WORKSPACE to resolve workspace location, which is reasonable for its function. It does not ask for API keys, tokens, or unrelated secrets.
Persistence & Privilege
The skill is not forced-always (always:false) and is user-invocable. The script writes a manifest and may move/rename skill directories to quarantine or create snapshots under the workspace, which are necessary for its functionality but are destructive actions if used accidentally. The skill can be invoked by the agent (disable-model-invocation:false), which is normal for skills — be aware that agent-initiated runs could modify skill files without further prompts.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-signet - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-signet触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
openclaw-signet v1.0.2
- Removed mention and description of "openclaw-signet-pro" from documentation.
- Updated SKILL.md to focus solely on the core functionality, with simplified wording.
- No changes to core commands or logic; this is a documentation update only.
v1.0.1
- Updated README.md for documentation improvements.
- No changes to functionality or code.
v1.0.0
Initial release of openclaw-signet — basic cryptographic verification for installed skills.
- Sign installed skills using SHA-256 content hashes to create a trusted manifest.
- Verify skills any time to detect file modification, addition, or removal.
- Reports tampered files, unsigned skills, and overall verification status with clear exit codes.
- Includes commands to sign, verify, list, and check the status of skills.
- Python standard library only; no external dependencies or network use.
- Compatible with darwin, linux, and win32 systems.
元数据
常见问题
Openclaw Signet 是什么?
Cryptographic skill verification. Sign installed skills with SHA-256 content hashes and verify they haven't been tampered with. Detects modified, added, and removed files within skill directories. Free alert layer — upgrade to openclaw-signet-pro for rejection, quarantine, and trust chain restoration. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1513 次。
如何安装 Openclaw Signet?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-signet」即可一键安装,无需额外配置。
Openclaw Signet 是免费的吗?
是的,Openclaw Signet 完全免费(开源免费),可自由下载、安装和使用。
Openclaw Signet 支持哪些平台?
Openclaw Signet 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。
谁开发了 Openclaw Signet?
由 AtlasPA(@atlaspa)开发并维护,当前版本 v1.0.2。
推荐 Skills