Openclaw Skill Clawban

Author: Simon van Laak · GitHub ↗ · v0.1.6
cross-platform ⚠ suspicious
Total downloads: 457
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw:
/install openclaw-skill-clawban
Description
Kanban Workflow is a TypeScript skill for a stage-based agentic co-worker that integrates PM platforms via CLI-first adapters (CLIs or small wrapper scripts)...
Safe-use recommendations
This skill appears to be a genuine CLI-first Kanban integrator, but there are a few mismatches and practical risks to consider before installing:
- Metadata vs reality: The registry metadata claims no required binaries or env vars and no install step, but the repository and SKILL.md require Node/npm (npm ci) and adapter CLIs (gh, planka-cli, plane, curl, jq). Expect to run npm ci and to install the adapter CLIs yourself.
- Credentials: If you enable the Plane or Linear adapters you will need PLANE_API_KEY/PLANE_WORKSPACE or LINEAR_API_KEY. The Linear wrapper script (scripts/linear_json.sh) sends LINEAR_API_KEY in an Authorization header to api.linear.app; review that script, and only provide API keys you trust, scoped to least privilege.
- Privilege inheritance: The skill shells out to platform CLIs and acts with the same permissions those CLIs or API keys have. Ensure CLI sessions and tokens are scoped appropriately (least privilege) before using the skill.
- Cron/install behavior: The skill can optionally install an autopilot cron job. If you use that option, verify what it writes (the cron entry and command) and ensure it runs in an environment with only the credentials you intend.
- Review scripts and code: The included scripts (linear_json.sh, planka_whoami_json.mjs) and TypeScript files are readable; scan them to confirm there are no unexpected network destinations or obfuscated logic.
There are no scanner flags in the provided data, but the metadata inconsistencies above warrant manual review. Recommended actions: review the two wrapper scripts and package.json, run npm ci in an isolated environment if you plan to execute locally, provide adapter API keys only when necessary and with least privilege, and avoid using the autopilot cron install until you have inspected what it will create.
Functional analysis
Type: OpenClaw Skill
Name: openclaw-skill-clawban
Version: 0.1.6
The skill is classified as suspicious due to multiple command injection vulnerabilities across its adapters. User-controlled input (e.g., work item titles, bodies, labels, IDs, project IDs, state IDs) is passed directly as arguments to external CLIs (gh, plane, planka-cli, and the scripts/linear_json.sh wrapper) without explicit sanitization. While `execa` is used to prevent shell injection, it does not prevent argument injection into the target CLI's own parsing logic: a value that begins with `-` is still read by the CLI as one of its own options. This vulnerability is present in `src/adapters/github.ts`, `src/adapters/linear.ts`, `src/adapters/plane.ts`, `src/adapters/planka.ts`, and potentially in `src/cli.ts` when installing the OpenClaw cron job. The skill's transparently declared privilege inheritance model (executing with the full privileges of the underlying CLIs) amplifies the impact of these vulnerabilities.
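The argument-injection pattern described above, as an added example that is not code from the skill: a builder that appends a user-controlled work item id to a CLI's argv, beside a hardened version, plus a small model of getopt-style parsing that shows which tokens the CLI would read as its own options. The function names and the `issue view` subcommand shape are assumptions for illustration.

```typescript
// Added example, not the skill's own adapters. Hypothetical helper names throughout.
type Argv = string[];

// Unsafe: the caller's value lands in argv unchanged. Spawning without a shell (as
// execa does) neutralises shell metacharacters, but the target CLI still parses the
// token itself, so a value starting with "-" becomes one of the CLI's options.
export function buildIssueViewArgsUnsafe(workItemId: string): Argv {
  return ["issue", "view", workItemId];
}

// Hardened, two independent layers:
// 1) validate the value against the only shape it can legitimately have;
// 2) end option parsing with "--" so the value is positional even if the validation
//    is later loosened. Not every CLI honours "--", so (1) is the primary control.
export function buildIssueViewArgsSafe(workItemId: string): Argv {
  if (!/^[1-9][0-9]{0,8}$/.test(workItemId)) {
    throw new Error(`rejected work item id ${JSON.stringify(workItemId)}`);
  }
  return ["issue", "view", "--", workItemId];
}

// Models a getopt-style parser: tokens before a bare "--" that start with "-" are
// options; everything after "--" is positional. Returns the option tokens so a
// reviewer can see what a user-controlled value would turn into.
export function tokensParsedAsOptions(argv: Argv): string[] {
  const options: string[] = [];
  for (const tok of argv) {
    if (tok === "--") break;
    if (tok.startsWith("-")) options.push(tok);
  }
  return options;
}

// Constructed sample: a work-item id field filled with an option-looking string.
export const SAMPLE_HOSTILE_ID = "--some-option";

// Unsafe builder: the CLI would see one injected option.
// Safe builder: throws on the sample, and yields no option tokens for a real id.
export function demo(): { injected: string[]; safeRejects: boolean } {
  const injected = tokensParsedAsOptions(buildIssueViewArgsUnsafe(SAMPLE_HOSTILE_ID));
  let safeRejects = false;
  try {
    buildIssueViewArgsSafe(SAMPLE_HOSTILE_ID);
  } catch {
    safeRejects = true;
  }
  return { injected, safeRejects };
}
```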
Capability assessment
Purpose & Capability
The code and SKILL.md describe a Node.js TypeScript CLI that shells out to platform CLIs and wrapper scripts (GitHub, Plane, Planka, Linear). That capability matches the skill's description. However, the registry metadata lists no required binaries/envs and claims 'instruction-only' (no install spec), while SKILL.md and package.json explicitly require node/npm, npm ci, and adapter CLIs (gh, planka-cli, plane, curl/jq), and the repo contains package.json plus many source files. This mismatch (metadata saying none, files saying many) is an incoherence you should be aware of.
Instruction Scope
SKILL.md and SECURITY.md state that the core uses adapter CLIs for auth (inheriting the CLI session) and does not persist tokens. That is mostly true, but some included helper scripts contradict the 'no direct HTTP auth' claim: scripts/linear_json.sh performs direct HTTP calls to api.linear.app using LINEAR_API_KEY (curl + jq). Adapters and scripts invoke external CLIs via execa, may read/write config/kanban-workflow.json, and can install a cron job via --autopilot-install-cron. The instructions do not attempt to read unrelated host files, nor do they mention exfiltrating data to unexpected endpoints, but they do instruct network calls to third-party APIs and rely on adapter-provided credentials.
Install Mechanism
There is no registry-level install spec (the skill is 'instruction-only' at registry level), which is lower risk, but the repo includes package.json, package-lock.json and SKILL.md explicitly recommends running `npm ci` to install dependencies. If you plan to run this skill you will need to run npm ci locally; the skill will not automatically provide audited binaries. No downloads from obscure URLs or extract/install instructions are present in the bundle itself.
Credentials
Top-level registry metadata shows no required env vars, while SKILL.md documents adapter-specific optional envs (PLANE_API_KEY, PLANE_WORKSPACE, LINEAR_API_KEY). The scripts include a linear wrapper (scripts/linear_json.sh) that requires LINEAR_API_KEY and performs HTTP requests with it. Those credentials are proportionate to the adapters' purposes, but the metadata omission is an inconsistency that could lead a user to underestimate secret exposure. Also note: the skill acts with whatever privileges the installed platform CLIs or API keys have.
Persistence & Privilege
The skill does not request `always: true` and does not declare elevated system-wide privileges. It writes a repo-local config file (config/kanban-workflow.json) and offers an option to install an OpenClaw cron job (--autopilot-install-cron). Both behaviors are expected for this kind of automation and are called out in the docs; there is no evidence the skill attempts to modify other skills' configs or system tokens.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install openclaw-skill-clawban
  3. After installation, call the Skill by name directly or trigger it with /openclaw-skill-clawban
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history
v0.1.6
Republish as latest: clarified assigned-only + multi-scope semantics.
v0.1.5
Docs: clarify assigned-only queue semantics + multi-scope consistency requirements across adapters.
Metadata
Slug: openclaw-skill-clawban
Version: 0.1.6
License:
Total installs: 0
Current installs: 0
Number of versions: 2
FAQ

What is Openclaw Skill Clawban?

Kanban Workflow is a TypeScript skill for a stage-based agentic co-worker that integrates PM platforms via CLI-first adapters (CLIs or small wrapper scripts)... It is an AI agent Skill plugin for Claude Code / OpenClaw, with 457 downloads to date.

How do I install Openclaw Skill Clawban?

Run the command "/install openclaw-skill-clawban" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is Openclaw Skill Clawban free?

Yes, Openclaw Skill Clawban is completely free (open source) and can be freely downloaded, installed and used.

Which platforms does Openclaw Skill Clawban support?

Openclaw Skill Clawban is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Openclaw Skill Clawban?

Developed and maintained by Simon van Laak (@simonvanlaak); the current version is v0.1.6.
