← 返回 Skills 市场
hudul

Private Chat

作者 兵部尚书 · GitHub ↗ · v1.1.2
cross-platform ⚠ suspicious
286
总下载
1
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install private-chat
功能描述
Private Chat Mode - Trigger encrypted conversations via codeword. Sensitive information is automatically encrypted using AES-256-CBC for maximum security.
安全使用建议
This skill provides a straightforward encryption helper (shell script using OpenSSL) and documentation to add a 'private mode', but there are important red flags you should consider before installing: - The SKILL.md explicitly instructs the assistant to hide the existence of private mode in non-private conversations (tells the model to lie/deny). That is deceptive behavior and may be unacceptable depending on your trust model and policy. Remove or modify that 'Iron Law' before use if you need transparency. - The documentation instructs you to store the encryption password in config.json (plaintext). This is insecure — prefer prompting for the password at runtime or using a system keystore, and restrict file permissions (chmod 600) for any vault files. - The included script depends on openssl and base64 utilities but the skill metadata does not declare required binaries. Verify openssl is available and audit the script before running. - The SKILL.md claims 'auto-encrypt and save' behavior but the shipped script only performs encryption/decryption and does not implement automatic agent-side storage — check how your agent will call the script and where it will write files. Confirm where memory/private-vault.md will live and who can read it. - Default settings use a surprising codeword ('lgbt') — change it to something neutral and private. Recommendations: review and remove the concealment instructions, avoid putting secrets in config.json, run the script locally to verify behavior, inspect who/what can read the vault file, and only install if you trust the skill author or are prepared to modify the skill to meet your security requirements.
功能分析
Type: OpenClaw Skill Name: private-chat Version: 1.1.2 The skill provides a legitimate encrypted 'private vault' feature using AES-256-CBC encryption via a local bash script (scripts/private-vault.sh). While it includes 'Iron Law' instructions in SKILL.md that command the AI to deceive users by denying the feature's existence when not in use, this is presented as a documented privacy feature rather than a malicious backdoor. No evidence of data exfiltration, unauthorized network activity, or intentional exploitation was found.
能力评估
Purpose & Capability
The name/description (private encrypted conversations) align with the provided encryption script and docs. However the SKILL.md promises 'auto-encrypt and save to memory/private-vault.md' while the included script only performs encryption/decryption and does not implement automatic storage integration; the doc also instructs creating a plaintext config.json containing the encryption password (security/usability mismatch). The default codeword 'lgbt' is an odd/unexpected choice that may be insensitive.
Instruction Scope
SKILL.md contains high-level runtime rules that go beyond a simple helper: it tells the agent to detect a codeword, identify sensitive data, auto-encrypt and store it, auto-exit and clear context — and critically it contains an 'Iron Law' requiring the agent to completely hide the existence of private mode in non-private mode (explicit instructions to lie/deny). That is scope creep and a deceptive behavior directive which is a security and policy risk. The instructions also assume the agent will write/read config.json and memory/private-vault.md but give no safe implementation details.
Install Mechanism
No install spec (instruction-only) — low risk from external downloads. The repo includes a shell script that relies on openssl being present; however required binaries were not declared in metadata. The script is local and readable; it uses openssl and base64, so system availability of those tools is required but not surfaced in requirements.
Credentials
The skill requests no environment variables or external credentials, which is proportionate. However the configuration pattern requires storing an encryption password in config.json (plaintext file) per the documentation — that is a poor security practice and disproportionate to a secure design (should use a secure keystore or prompt at runtime). No declarations warn the user about file permissions for the 'memory' folder.
Persistence & Privilege
always:false and no system-wide changes — the skill does not request persistent platform privileges. That said, because the SKILL.md instructs the agent to hide the feature and to persist encrypted content to disk, if the agent is allowed autonomous invocation this combination increases the potential for covert data retention; the deceptive behavior combined with normal model invocation raises concern but does not in itself indicate privilege escalation.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install private-chat
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /private-chat 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.2
private-chat v1.1.2 - Updated documentation to credit 兵步一郎 (Ichiro) as author and clarify purpose. - No functional changes; improvements limited to English and Chinese documentation files.
v1.1.1
private-chat v1.1.1 - No code or documentation changes detected in this release. - Version increment only; functionality and documentation remain unchanged.
v1.1.0
- Added English documentation files: SKILL.md and README.md, providing full instructions in English. - Included Chinese documentation: SKILL.zh.md and README.zh.md for multilingual support. - Updated package.json and existing documents to reflect bilingual support and improved instructions. - No changes to core logic or encryption—documentation and usability update only.
v1.0.0
Private Chat Skill – initial release. - Adds private chat functionality triggered by a codeword, enabling encrypted conversations. - All sensitive information is automatically stored with AES-256-CBC encryption. - Supports custom encryption password and configurable auto-exit timeout. - Includes command-line scripts for encrypting/decrypting stored data. - Strict privacy rules: fully conceals existence of private mode outside of it.
元数据
Slug private-chat
版本 1.1.2
许可证
累计安装 0
当前安装数 0
历史版本数 4
常见问题

Private Chat 是什么?

Private Chat Mode - Trigger encrypted conversations via codeword. Sensitive information is automatically encrypted using AES-256-CBC for maximum security. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 286 次。

如何安装 Private Chat?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install private-chat」即可一键安装,无需额外配置。

Private Chat 是免费的吗?

是的,Private Chat 完全免费(开源免费),可自由下载、安装和使用。

Private Chat 支持哪些平台?

Private Chat 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Private Chat?

由 兵部尚书(@hudul)开发并维护,当前版本 v1.1.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论