← 返回 Skills 市场
101
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-skill-eeta-audit
功能描述
OpenClaw Skill quality audit based on CORE-EEAT framework adapted for AI agent skills. Evaluates skill's utility (task completion efficiency) and security (s...
安全使用建议
This skill appears coherent and appropriate for vetting OpenClaw skills. Before running it: (1) only point the auditor at repositories or directories intended for review — do not feed it directories containing secrets or unrelated system config; (2) avoid supplying real credentials or broad filesystem roots as inputs; (3) if you plan to allow autonomous/automatic audits, restrict which paths the agent can access and consider running audits in an isolated environment; (4) for high-risk or production skills, supplement this automated audit with a manual review of any scripts or binaries the target skill installs or downloads.
功能分析
Type: OpenClaw Skill
Name: openclaw-skill-eeta-audit
Version: 1.0.0
This skill bundle is a comprehensive auditing framework designed to guide an AI agent in evaluating the quality and security of other OpenClaw skills using an adapted CORE-EEAT framework. While the documentation (specifically SKILL.md and references/skill-security-checklist.md) contains examples of dangerous code patterns such as command injection and hardcoded credentials, these are explicitly labeled as vulnerabilities for the agent to detect during audits. The bundle promotes security best practices like the Principle of Least Privilege and Zero Trust, and it contains no executable code or instructions that perform malicious actions, data exfiltration, or unauthorized system access.
能力评估
Purpose & Capability
Name/description match the content: the SKILL.md and references describe an 80-item, multi-gate audit framework for OpenClaw skills. The skill requires no binaries, env vars, or installs, which is reasonable for an instruction-only auditing tool that operates by reading and evaluating skill metadata and files.
Instruction Scope
The instructions direct the agent to inspect SKILL.md files, scripts, references, and gating metadata and to scan for risky patterns (command injection, hardcoded secrets, path traversal, etc.). That behavior is expected for a security-audit skill, but it necessarily involves reading other skill files and code — so the operator should only point the auditor at repositories/files intended for review and avoid exposing directories containing unrelated secrets or credentials.
Install Mechanism
No install spec and no code files means nothing is written to disk and no external downloads occur. This is the lowest-risk installation model and is proportionate for an auditing/instruction-only skill.
Credentials
The skill declares no required environment variables or credentials. The included security checklist explicitly recommends gating on env and permissions when auditing other skills; the skill itself does not ask for unrelated secrets — this is proportionate.
Persistence & Privilege
Defaults allow autonomous invocation (disable-model-invocation: false) but always:false. Autonomous use is the platform default and not inherently problematic here. Operators should be aware that if given permission the agent could run audits automatically; that increases blast radius only if you allow it to access sensitive directories or supply secrets during audits.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-skill-eeta-audit - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-skill-eeta-audit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of eeat-openclaw-skill-audit, providing automated quality and security audits for OpenClaw Skills.
- Evaluates skills with 80 criteria adapted from the CORE-EEAT framework, covering utility, security, reliability, and more.
- Supports 8 quality gates, from metadata validation to complete audits, with standardized deliverables at each phase.
- Detects critical security vulnerabilities and assigns pass/caution/risk security levels.
- Generates actionable, prioritized improvement recommendations for skill developers.
- Offers tailored scoring for 6 skill categories, accounting for different use case requirements.
- Enables comparative assessment to guide skill selection and maintenance decisions.
元数据
常见问题
openclaw-skill-eeta-audit 是什么?
OpenClaw Skill quality audit based on CORE-EEAT framework adapted for AI agent skills. Evaluates skill's utility (task completion efficiency) and security (s... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 101 次。
如何安装 openclaw-skill-eeta-audit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-skill-eeta-audit」即可一键安装,无需额外配置。
openclaw-skill-eeta-audit 是免费的吗?
是的,openclaw-skill-eeta-audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
openclaw-skill-eeta-audit 支持哪些平台?
openclaw-skill-eeta-audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 openclaw-skill-eeta-audit?
由 yaoo-2818(@281862066-a11y)开发并维护,当前版本 v1.0.0。
推荐 Skills