
Pincer

Author: panzacoder · GitHub · v1.0.1
cross-platform ✓ Security check passed
Total downloads: 1412 · Favorites: 0 · Current installs: 2 · Versions: 2
Install in OpenClaw: /install pincer
Description
Security-first wrapper for installing agent skills. Scans for malware, prompt injection, and suspicious patterns before installation. Use instead of `clawhub install` for safer skill management.
Security usage advice
This skill is designed to add a safety layer around 'clawhub install' and its code matches that purpose. Before installing, note: (1) pincer requires clawhub, uvx (mcp-scan), jq and commonly 'file' at runtime — the registry metadata only listed 'pincer', so install those dependencies first; (2) pincer stores config/history in ~/.config/pincer and installs a pincer binary under ~/.local/bin (it will suggest adding that dir to PATH); (3) pincer runs uvx mcp-scan which may contact the uvx/Invariant tooling or download mcp-scan components — if you need fully offline scanning, verify uvx behavior first; (4) pincer reduces risk but cannot make installing arbitrary skills risk-free: it fetches skill files via clawhub and will call through to normal installs when you approve, so you should still review high-risk findings and trust lists. If you want extra assurance, inspect scripts/pincer.sh locally and test pincer in a controlled environment before using it as your default installer.
Functional analysis
Type: OpenClaw Skill · Name: pincer · Version: 1.0.1
The 'pincer' skill is a security-first wrapper for installing OpenClaw agent skills, designed to scan for malware, prompt injection, and suspicious patterns. Its `SKILL.md` contains standard installation instructions to symlink a shell script to `~/.local/bin`, which is a benign operation. The core logic in `scripts/pincer.sh` implements various security checks, including pattern detection (e.g., base64, `curl|sh`, persistence mechanisms), external URL analysis, and integration with `uvx mcp-scan`. All file system and network operations (e.g., `clawhub inspect`, `uvx mcp-scan`) are directly aligned with its stated security purpose. There is no evidence of intentional harmful behavior, data exfiltration, persistence, or prompt injection against the agent within the skill itself; rather, it actively seeks to prevent these in other skills.
Capability assessment
Purpose & Capability
The name/description (security wrapper for installing skills) align with the provided code: a shell script that fetches skills via clawhub, scans them (mcp-scan + pattern checks), and optionally installs them. The features (trust lists, audit, pattern checks, history) are implemented in the script and match the SKILL.md.
Instruction Scope
SKILL.md and the install script stay within the stated purpose: they fetch skill files, run pattern checks and mcp-scan, and then (when approved) call through to normal installation. The script reads/writes only user-scoped paths (~/.config/pincer, ~/.local/bin) and does not attempt to read unrelated system config or unrelated credentials. Note: the script depends on clawhub, uvx, jq and uses the 'file' utility — these runtime commands are used for scanning/fetching but are not all listed in the registry 'required binaries' metadata (see environment_proportionality).
Install Mechanism
Installation is a bundled shell script that the SKILL.md symlinks into ~/.local/bin. This is a low-risk, transparent install mechanism: no external arbitrary URL downloads are performed by the installer itself. The script does run uvx (mcp-scan) at runtime which may fetch plugins via the uvx tool, but that behavior is consistent with the declared mcp-scan integration.
Credentials
The skill declares no required environment variables or secrets (primary credential: none), which is appropriate. However, SKILL.md/script rely on other binaries at runtime (clawhub, uvx, jq, and likely 'file') that are not included in the registry 'required binaries' field (metadata only lists 'pincer'). This mismatch is a minor coherence issue: the runtime script will fail unless those dependencies are present, and users should be aware these tools are needed.
Persistence & Privilege
The skill does not request always: true and does not modify system-wide settings. It writes per-user config and history to ~/.config/pincer and creates a symlink under ~/.local/bin — expected for a user-level CLI. It does not attempt to persist beyond the user's home or modify other skills' configs.
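How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install pincer
  3. Once installation completes, call the Skill by name or trigger it with /pincer
  4. Provide the required input according to the Skill's parameter description to get structured output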
Version history
v1.0.1
- Improved installer: added clear guidance to ensure ~/.local/bin is in PATH for easier use.
- Installation script label updated for clarity ("Install pincer to PATH").
- Post-install message now includes usage instructions for common commands.
- No functional or feature changes to scanning or skill management logic.
v1.0.0
pincer 1.0.0
- Initial release: security-first wrapper for `clawhub install`
- Scans skills for malware, prompt injection, and suspicious patterns before installation
- Integrates with mcp-scan for advanced threat detection
- Provides commands to install, scan, audit, and manage trust for skills
- Supports detailed risk levels, publisher reputation checks, and configurable security policies
Metadata
Slug pincer
Version 1.0.1
License
Total installs 2
Current installs 2
Historical versions 2
FAQ

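What is Pincer?

Security-first wrapper for installing agent skills. Scans for malware, prompt injection, and suspicious patterns before installation. Use instead of `clawhub install` for safer skill management. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1412 cumulative downloads so far.

How do I install Pincer?

Run the command "/install pincer" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Pincer free?

Yes, Pincer is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Pincer support?

Pincer runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Pincer?

Developed and maintained by panzacoder (@panzacoder); the current version is v1.0.1.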
