← 返回 Skills 市场
Pilot S3 Bridge
作者
Calin Teodor
· GitHub ↗
· v1.0.0
· MIT-0
79
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install pilot-s3-bridge
功能描述
Access cloud storage (S3, GCS, Azure Blob) through a Pilot bridge agent. Use this skill when: 1. You need to transfer files to/from cloud storage via Pilot a...
安全使用建议
This skill looks like it does what it says (bridge cloud storage via a Pilot agent) but the SKILL.md and the registry metadata don't match. Before installing or running it: 1) don't export long-lived AWS keys into a shell without careful thought — prefer IAM roles, short-lived tokens, or scoped service accounts and grant the bridge only the minimum permissions (specific buckets/prefixes and only required actions). 2) Ensure required binaries (aws CLI, jq, and any cloud CLIs you need) are installed and come from trusted sources; update the skill metadata to list them. 3) Avoid running the daemon with --public unless you understand the network exposure; prefer private network/VPC or firewall rules and rate limits. 4) Review and test the loop in an isolated environment (no production credentials) to verify it doesn't leak local data or accept dangerous commands from untrusted senders; the skill currently forwards raw aws/ls output back to send-message without escaping. 5) Ask the publisher for an updated SKILL.md/metadata that declares required env vars and CLIs, documents recommended credential handling, and clarifies security considerations. If you cannot obtain those clarifications, treat the skill as risky and run only in a well-restricted, monitored environment.
功能分析
Type: OpenClaw Skill
Name: pilot-s3-bridge
Version: 1.0.0
The skill provides a bridge for cloud storage via the 'pilotctl' utility, but the example implementation in SKILL.md contains critical shell injection vulnerabilities. Specifically, the bash workflow uses unsanitized output from jq (e.g., $BUCKET and $KEY) directly within 'aws s3' command strings, which could allow an attacker to execute arbitrary commands. While these appear to be unintentional security flaws rather than intentional malware, the combination of insecure command execution and the requirement for AWS credentials makes the bundle high-risk.
能力标签
能力评估
Purpose & Capability
The skill claims to bridge S3/GCS/Azure via a Pilot agent and declares pilotctl as a required binary, which is coherent. However, the runtime instructions also rely on aws (AWS CLI), jq and potentially gsutil/az CLI for other clouds, plus exporting cloud credentials — none of these are declared in the metadata. The undeclared dependencies are disproportionate to the declared requirements and should have been declared.
Instruction Scope
SKILL.md contains concrete shell code that: starts a public pilot daemon, runs an infinite listen loop, writes received payloads to /tmp and runs aws s3 cp using BUCKET/KEY values from incoming messages, and instructs manual export of AWS keys. It also sends raw command output back to send-message (unescaped), which can leak data or cause parsing problems. The instructions explicitly require reading environment variables and executing network/cloud commands outside what the metadata advertised.
Install Mechanism
This is an instruction-only skill with no install spec or files written at install time, which minimizes install-time risk. The runtime still depends on external CLIs (pilotctl, aws, jq, possibly gsutil/az) being present on PATH.
Credentials
The SKILL.md tells operators to export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (and references other cloud CLIs), but the skill metadata declares no required environment variables or primary credential. Requesting cloud credentials is reasonable for a bridge, but the omission in metadata is a mismatch and the skill gives no guidance on limiting scope (least privilege, using short-lived creds, or roles).
Persistence & Privilege
The skill does not request always:true, but the example instructs running pilotctl daemon start --public and a persistent listener loop, which exposes the agent to incoming network messages. Making the daemon public increases the attack surface and amplifies the impact of any credential misuse or malformed requests.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pilot-s3-bridge - 安装完成后,直接呼叫该 Skill 的名称或使用
/pilot-s3-bridge触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
常见问题
Pilot S3 Bridge 是什么?
Access cloud storage (S3, GCS, Azure Blob) through a Pilot bridge agent. Use this skill when: 1. You need to transfer files to/from cloud storage via Pilot a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 79 次。
如何安装 Pilot S3 Bridge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pilot-s3-bridge」即可一键安装,无需额外配置。
Pilot S3 Bridge 是免费的吗?
是的,Pilot S3 Bridge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Pilot S3 Bridge 支持哪些平台?
Pilot S3 Bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Pilot S3 Bridge?
由 Calin Teodor(@teoslayer)开发并维护,当前版本 v1.0.0。
推荐 Skills