← 返回 Skills 市场
3887
总下载
2
收藏
11
当前安装
7
版本数
在 OpenClaw 中安装
/install perry-coding-agents
功能描述
Dispatch coding tasks to OpenCode or Claude Code on Perry workspaces. Use for development work, PR reviews, or any coding task requiring an isolated environment.
安全使用建议
This skill appears to do what it says (dispatch remote coding agents), but there are several red flags you should address before installing or using it:
- Missing declared requirements: The SKILL.md assumes local tools (tailscale, jq, ssh, curl) and a webhook token but the skill metadata declares none. Confirm these prerequisites and provide them securely.
- Undeclared secret: The instructions require an Authorization: Bearer <hooks-token> value. Ask the author to declare required env vars (e.g., PERRY_HOOKS_TOKEN) or explain how tokens are provisioned. Never paste secrets into a skill without understanding storage/use.
- Insecure SSH option: The examples use -o StrictHostKeyChecking=no which disables host key verification and increases MITM risk. Prefer adding known host keys or using a secure SSH config rather than disabling checking.
- Local HTTP callback risk: Remote workspaces are instructed to POST back to your local IP:18789. Ensure that the wake endpoint is bound only to a safe interface, is authenticated, and is not exposed to untrusted networks. Consider firewall/Tailscale ACLs to limit who can reach that port.
- Remote code execution: The skill runs arbitrary commands on remote workspaces via SSH. Only use with workspaces and keys you fully trust. Review remote binaries paths (/home/workspace/.opencode/, /home/workspace/.local/bin/claude) and confirm they are the intended agents.
What would reduce my concern: explicit metadata listing required binaries and environment variables (including hook token), instructions that avoid disabling host-key checking, and clear guidance on securing and scoping the local wake endpoint. If the author provides those clarifications, the skill would look coherent and likely benign; until then treat it cautiously.
功能分析
Type: OpenClaw Skill
Name: perry-coding-agents
Version: 1.5.0
The skill bundle is classified as suspicious primarily due to the use of `ssh -o StrictHostKeyChecking=no` in `SKILL.md`. While this might be intended for automation in trusted environments, it disables host key verification, making SSH connections vulnerable to Man-in-the-Middle (MITM) attacks. Other aspects, such as the `curl` callback to the agent's own IP for task completion, are aligned with the stated purpose and do not show malicious intent. The instructions for the AI agent are workflow-related and do not constitute malicious prompt injection.
能力评估
Purpose & Capability
The name/description (dispatch coding tasks to OpenCode/Claude on Perry workspaces) aligns with the SKILL.md instructions which show SSH-based dispatch to remote workspaces and running opencode/claude binaries. However, the skill declares no required binaries or credentials while the instructions clearly rely on local tools (tailscale, jq, curl, ssh) and a webhook token; this omission is an inconsistency.
Instruction Scope
Runtime instructions tell the agent to run ssh to remote hosts, run remote binaries, and instruct the remote to POST back to a local wake endpoint (http://${WAKE_IP}:18789). They also instruct use of 'tailscale status' to read local Tailscale IPs and to disable SSH host-key checking. These steps access local networking state and require a hook token (Authorization: Bearer <hooks-token>) that is not declared—this extends scope beyond a simple dispatcher and can expose a local HTTP endpoint to remote agents.
Install Mechanism
There is no install spec and no code files—this instruction-only skill does not write code to disk or download external packages, which is the lower-risk model for skills. However, reliance on external CLI tools (ssh, tailscale, jq, curl) is implied by the instructions.
Credentials
The instructions require a webhook 'hooks-token' (Authorization: Bearer <hooks-token>) and implicitly require SSH credentials and access to the local Tailscale identity, but the skill declares no required environment variables, primary credential, or config paths. That mismatch (undeclared secrets and credentials) is a significant proportionality problem: the skill is asking you to use secrets but doesn't document them or how they should be provided/stored.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not include installation steps that modify agent/system config. It does depend on running background ssh processes but does not itself modify other skills or global settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install perry-coding-agents - 安装完成后,直接呼叫该 Skill 的名称或使用
/perry-coding-agents触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.0
Emphasized: always create dex task BEFORE dispatch
v1.4.0
Added concrete end-to-end example
v1.3.0
Trimmed 5KB to 1.7KB - more concise
v1.2.0
Added learnings: no timeouts, task tracking, session reuse, use IPs
v1.1.1
fix: correct webhook endpoint (/hooks/wake) and use hooks.token instead of gateway.auth.token
v1.1.0
Fix: use ~/projname not /workspace, document SSH PATH issues
v1.0.0
Initial release: Dispatch tasks to OpenCode/Claude Code on Perry workspaces
元数据
常见问题
Perry Coding Agents 是什么?
Dispatch coding tasks to OpenCode or Claude Code on Perry workspaces. Use for development work, PR reviews, or any coding task requiring an isolated environment. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3887 次。
如何安装 Perry Coding Agents?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install perry-coding-agents」即可一键安装,无需额外配置。
Perry Coding Agents 是免费的吗?
是的,Perry Coding Agents 完全免费(开源免费),可自由下载、安装和使用。
Perry Coding Agents 支持哪些平台?
Perry Coding Agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Perry Coding Agents?
由 gricha(@gricha)开发并维护,当前版本 v1.5.0。
推荐 Skills