← 返回 Skills 市场
baanish

Pi-hole Control

作者 Aanish Bhirud · GitHub ↗ · v2.0.1
cross-platform ⚠ suspicious
2100
总下载
2
收藏
10
当前安装
2
版本数
在 OpenClaw 中安装
/install pihole
功能描述
Control Pi-hole v6 DNS ad blocker: check status, view stats, enable/disable block, and analyze blocked domains via API.
安全使用建议
Before installing: (1) Inspect the included pihole.sh to confirm it only contacts your Pi‑hole API and does not read unrelated files or contact external endpoints. Check how it sends the API token — avoid command‑line embedding that can appear in process lists. (2) Update/confirm the skill manifest lists required binaries (curl, jq) and required config/env variables (PIHOLE_API_URL, PIHOLE_API_TOKEN, PIHOLE_INSECURE). (3) If you do not want the agent to toggle your network ad blocker autonomously, set disableModelInvocation: true (or require explicit user invocation). (4) Be cautious with the 'insecure' option (curl -k) — use it only on trusted local networks. (5) If you’re unsure, run the script in a restricted environment or review/modify it to log minimal info and not expose secrets.
功能分析
Type: OpenClaw Skill Name: pihole Version: 2.0.1 The OpenClaw Pi-hole skill is classified as benign. The `pihole.sh` script interacts with a user-configured Pi-hole API using `curl` and `jq` for legitimate control and status reporting. Configuration is loaded from environment variables or `clawdbot.json`. Sensitive API tokens are handled securely by being passed in the JSON body and environment variables, not as command-line arguments. While the `insecure: true` option for `curl -k` is present, it is explicitly user-configurable and documented for self-signed certificates on local Pi-hole instances, which is a common and legitimate use case. There is no evidence of data exfiltration, malicious execution, persistence, or prompt injection attempts against the agent in `SKILL.md`.
能力评估
Purpose & Capability
Name and SKILL.md describe Pi‑hole v6 control and the documented API calls match that purpose. However the registry metadata lists no required binaries or env vars while the SKILL.md explicitly requires curl and jq and documents PIHOLE_API_URL/PIHOLE_API_TOKEN/PIHOLE_INSECURE — a manifest mismatch that should be corrected.
Instruction Scope
Runtime instructions are narrowly scoped to calling Pi‑hole API endpoints (auth, status, enable/disable, stats, queries). They do not instruct reading unrelated files or exfiltrating data. Note: the SKILL.md documents an 'insecure' option that adds curl -k (bypassing TLS verification) which reduces transport security when used.
Install Mechanism
This is instruction-only with no install spec, so nothing is written to disk by an installer. That lowers risk. There is one shell script (pihole.sh) included — you should inspect it before enabling the skill.
Credentials
The skill uses a Pi‑hole API token and URL (documented in SKILL.md and as environment variables or Clawdbot config), but the registry metadata declares no required environment variables. The skill appropriately needs only the Pi‑hole credentials, but the manifest should list them explicitly. Also confirm how the included pihole.sh handles the token (environment variable vs command line) because command‑line embedding could expose secrets via process listings on some systems.
Persistence & Privilege
The skill does not set disableModelInvocation and is therefore callable by the model autonomously. Because the skill can enable/disable network ad‑blocking (a disruptive network control), allowing the model to trigger it without explicit user invocation is a meaningful risk. Consider requiring explicit user invocation or setting disableModelInvocation.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install pihole
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /pihole 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.1
Updated to Pi-hole v6 API with session-based authentication, proper SSL handling, and comprehensive security audit. All PII removed.
v2.0.0
Updated to Pi-hole v6 API with session-based authentication, proper SSL handling, and comprehensive security audit
元数据
Slug pihole
版本 2.0.1
许可证
累计安装 10
当前安装数 10
历史版本数 2
常见问题

Pi-hole Control 是什么?

Control Pi-hole v6 DNS ad blocker: check status, view stats, enable/disable block, and analyze blocked domains via API. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2100 次。

如何安装 Pi-hole Control?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install pihole」即可一键安装,无需额外配置。

Pi-hole Control 是免费的吗?

是的,Pi-hole Control 完全免费(开源免费),可自由下载、安装和使用。

Pi-hole Control 支持哪些平台?

Pi-hole Control 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Pi-hole Control?

由 Aanish Bhirud(@baanish)开发并维护,当前版本 v2.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论