← 返回 Skills 市场
Operator Skill
作者
404-UNKNOW
· GitHub ↗
· v0.1.0
356
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install operator-skill
功能描述
Orchestrates collaborative agent sessions with secure, fault-tolerant CRDT persistence and instant crash-proof state recovery.
安全使用建议
Do not install this skill until the author clarifies and fixes several inconsistencies. Specifically ask for: (1) a corrected package.json that matches imports (either change import to the declared package or update dependencies to include 'loro-crdt'), (2) explanation of package-lock contents (why unrelated dependencies are present), (3) included build artifact (dist/index.js) or a clear build/install instruction, and (4) explicit declaration of the dependency on agent-comm-skill (or remove the relative import and verify signatures locally with a known Ed25519 library). Also review the source of the agent-comm-skill if signature verification remains delegated — it will have the ability to inspect/validate payloads and could expand the skill's effective privilege. If you proceed, run the skill in a sandboxed environment, limit file write permissions to an isolated folder, and avoid granting broad host access until the above issues are resolved.
功能分析
Type: OpenClaw Skill
Name: operator-skill
Version: 0.1.0
The skill bundle exhibits several high-risk indicators, most notably a dependency mismatch and a critical Path Traversal vulnerability. The 'index.ts' file imports 'loro-crdt', but 'package.json' and 'package-lock.json' specify 'loro' (v1.0.6), a package that atypically depends on 'express' and 'body-parser', suggesting a potential typosquatting or supply chain attack. Furthermore, the 'team.sync' and 'team.load' actions in 'index.ts' use the 'sessionId' parameter directly in 'path.join' without sanitization, allowing an attacker to read or append data to arbitrary files on the system (e.g., via '../../' sequences). While these behaviors are highly risky, they are classified as suspicious rather than malicious because the provided code logic follows the stated purpose of CRDT persistence and the harmful intent of the external 'loro' dependency cannot be confirmed without its source code.
能力评估
Purpose & Capability
The skill claims to provide Ed25519-verified CRDT persistence and crash-proof recovery — the TypeScript implementation does perform snapshot + append-only update handling as described. However, the code imports 'loro-crdt' while package.json declares dependency 'loro' (mismatch), and package-lock.json contains a large, unrelated dependency tree. These dependency/package inconsistencies are not proportionate to the described purpose and indicate the package metadata may be incorrect or copied from another project.
Instruction Scope
SKILL.md promises built-in Ed25519 verification, but the implementation delegates verification to agentComm('message.verify') imported from a relative path '../agent-comm-skill/index.ts'. That external dependency is not declared anywhere (plugin.json/metadata do not reference it). Relying on another skill via a relative import is unusual, undocumented in the SKILL.md, and could alter or expand runtime behavior (or simply fail at runtime if the referenced file isn't present).
Install Mechanism
There is no install spec (instruction-only / code included), which is lower risk in itself, but the repository contains TypeScript source with package.json pointing to an output 'dist/index.js' that is not included in the package files list. package-lock.json is large and contains many packages unrelated to package.json's declared dependency list. The missing build artifact (dist) plus an inconsistent lockfile suggests the published bundle is incomplete or mismatched with its metadata, which could cause broken installs or hide unreviewed dependencies.
Credentials
The skill does not request environment variables or external credentials and writes only to data/sessions in the current working directory. That file access is consistent with its purpose. However, because signature verification is delegated to another skill (agent-comm-skill) via an imported function, the effective environment/scope at runtime may include whatever that other skill does — this expands the trusted surface and should be verified.
Persistence & Privilege
The skill is not always-enabled and uses only file read/write operations under data/sessions per plugin.json. It does not request elevated platform privileges in the metadata. This is reasonable for a persistence/orchestration skill.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install operator-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/operator-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
operator-skill 0.1.0
- Initial release of the Skill Operator for collaborative agent orchestration.
- Persistent session management using Loro-CRDT and append-only logs.
- Includes actions to create, sync, and load collaborative sessions.
- Supports secure incremental updates with Ed25519 signature verification.
- Provides crash-proof state recovery with Snapshot + Write-Ahead Logging (WAL).
- Delivers high performance and fault-tolerance for collaborative workflows.
元数据
常见问题
Operator Skill 是什么?
Orchestrates collaborative agent sessions with secure, fault-tolerant CRDT persistence and instant crash-proof state recovery. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 356 次。
如何安装 Operator Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install operator-skill」即可一键安装,无需额外配置。
Operator Skill 是免费的吗?
是的,Operator Skill 完全免费(开源免费),可自由下载、安装和使用。
Operator Skill 支持哪些平台?
Operator Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Operator Skill?
由 404-UNKNOW(@404-unknow)开发并维护,当前版本 v0.1.0。
推荐 Skills