← 返回 Skills 市场
thebrierfox

Paid Bash Security V1.1

作者 ~K¹yle Million · GitHub ↗ · v1.1.1 · MIT-0
cross-platform ⚠ suspicious
84
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install paid-bash-security-v1-1
功能描述
23-validator bash security chain validated in production Claude Code deployments. Every check closed a real attack vector.
安全使用建议
This package is an instruction-only document that claims to install a 23-validator runtime security chain but contains no validator code or architecture file it references. Do not rely on it for real protection. Before installing or changing your agent's SOUL.md to 'strict': - Demand the actual implementation: request the BASH_SECURITY_ARCHITECTURE.md and the validator scripts or a verifiable install package (GitHub repo or signed release). Verify code existence and review it. - If you want to experiment, keep enforcement in 'audit' mode only and test in a safe environment; do not enable strict blocking until you can confirm validators are present and functioning. - Verify the skill's source and homepage; this package has unknown source and no homepage — treat it as untrusted until provenance is established. - Prefer obtaining security validators from an auditable repository or a vetted vendor rather than a document that only instructs you to edit agent prompts. If the author supplies the missing files and an auditable install mechanism, re-evaluate for coherence and safety.
能力评估
Purpose & Capability
The skill's description asserts it 'installs a 23-validator bash security chain' and 'activates on every exec', but the package contains only SKILL.md (no code, no scripts, no BASH_SECURITY_ARCHITECTURE.md despite referencing it). There is no install spec, no binaries, and no files that could implement runtime validators — i.e., the requested/available artifacts do not support the claimed capability.
Instruction Scope
Runtime instructions tell the user to copy SKILL.md into ~/.openclaw/workspace/skills/... and to change the agent system prompt (SOUL.md) to enable 'strict' enforcement. The instructions claim behavioral changes (validator intercepts every exec) but provide no code or guidance that would actually implement those validators. They do not request unrelated secrets or files, but they misleadingly instruct the user to update persistent agent configuration for a feature that isn't present.
Install Mechanism
There is no install spec and no code files — from an installation-risk perspective this is low risk (nothing will be downloaded or executed). However, low technical risk here is overshadowed by the mismatch between claims and contents.
Credentials
The skill declares no required environment variables, credentials, or config paths. It does ask the operator to edit the agent system prompt (SOUL.md), which is a normal configuration change for behavior, but it does not request secrets or unrelated credentials.
Persistence & Privilege
The skill does not set always:true and is user-invocable (defaults). It instructs changing the agent's SOUL.md to enable enforcement mode — that is a persistent change to agent behavior and should be done cautiously. Autonomous invocation is allowed by default (not a specific red flag), but combining persistent system-prompt changes with the claimed automatic interception behavior is problematic because the validators that would enforce that behavior are absent.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install paid-bash-security-v1-1
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /paid-bash-security-v1-1 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.1
Remove Anthropic attribution language
元数据
Slug paid-bash-security-v1-1
版本 1.1.1
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Paid Bash Security V1.1 是什么?

23-validator bash security chain validated in production Claude Code deployments. Every check closed a real attack vector. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 84 次。

如何安装 Paid Bash Security V1.1?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install paid-bash-security-v1-1」即可一键安装,无需额外配置。

Paid Bash Security V1.1 是免费的吗?

是的,Paid Bash Security V1.1 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Paid Bash Security V1.1 支持哪些平台?

Paid Bash Security V1.1 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Paid Bash Security V1.1?

由 ~K¹yle Million(@thebrierfox)开发并维护,当前版本 v1.1.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 留言讨论