jirboy

Python Use Agent

Author: JIRBOY · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 145
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install python-use-agent
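Description
Intelligently executes Python tasks described by the user, automatically generating and running code and reporting the results; no extra configuration is needed, and legacy command usage remains supported.
Security usage recommendations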
This skill implements what it claims (AI-driven Python execution) but there is a meaningful implementation mismatch: config.json and executor.py describe sandboxing and safety checks, yet index.js directly writes a temp .py file and runs it with child_process.exec without applying those checks or honoring sandbox settings. That allows arbitrary Python to run with whatever environment and filesystem access the agent process has. Before installing or using the skill, consider:
  1. Do not pass secrets or sensitive file paths as 'context' or task text: executed code could read environment variables and files.
  2. Prefer running this skill only in an isolated environment (container or VM) or with network/file-system access disabled.
  3. Ask the author/maintainer whether index.js should call the Python executor (which would apply safety checks) or whether sandbox enforcement will be added; request explicit runtime enforcement of blocked imports/patterns and network/file-system restrictions.
  4. If you must use it in a sensitive environment, review and modify index.js to enforce config.json security settings or route execution through a verified sandbox.
If you cannot get these assurances, treat the skill as risky and avoid supplying any credentials or private data to it.
Functional analysis
Type: OpenClaw Skill
Name: python-use-agent
Version: 1.0.0
The skill is designed to generate and execute arbitrary Python code based on AI prompts, which is an inherent Remote Code Execution (RCE) risk. While it includes basic security configurations and safety checks (e.g., `_check_safety` in `executor.py` and `blocked_imports` in `config.json`), the execution mechanism in `index.js` uses `child_process.exec` on temporary files without a robust, hardened sandbox. There is no evidence of intentional malice or data exfiltration, but the broad execution capabilities and the 'No Agents, Code is Agent' philosophy present a significant attack surface if the AI is prompted to generate harmful code.
Capability assessment
Purpose & Capability
The name/description ('Python Use Agent') align with the included files: the package provides mechanisms to generate, review, and execute Python code. Requiring no external credentials and no special binaries is reasonable for this purpose. However, config.json declares sandboxing and allowed/blocked imports and executor.py contains safety-check placeholders, while index.js implements direct execution of Python code via child_process.exec without invoking those safety checks — an implementation mismatch that weakens the claimed protections.
Instruction Scope
SKILL.md describes task->generate->execute workflow and notes sandboxing, but it does not instruct agents to avoid sending secrets or system data into generated code. executor.py contains _check_safety and other safety stubs, but index.js's executePython writes the code to a temp file and runs `python <file>` directly, with no pre-execution filtering, no blocking of dangerous patterns, and no enforcement of the config.json security settings. That means the agent can execute arbitrary Python that may read files, environment variables, or use network I/O — scope creep relative to the plain skill description.
Install Mechanism
No install spec (instruction-only with shipped code) — lowest install risk. package.json lists no dependencies and peerDependencies requiring Python; nothing is downloaded at install time and no external URLs are used.
Credentials
The skill declares no required environment variables (reasonable), but runtime behavior allows executed Python code to access the agent's environment and filesystem. config.json lists allowed_imports including 'os' and 'pathlib' and allows network in execution config, yet blocked_imports are strings rather than enforced rules. Because index.js executes Python directly (without enforcing blocked patterns or a sandbox), the skill can inadvertently expose environment variables or local files to executed code. The skill's own metadata does not request credentials, but runtime code could access any env var present — this is disproportionate unless the environment is trusted and isolated.
Persistence & Privilege
always:false and no special OS restrictions. The skill does create ./python-use-results and writes temp files there, but it does not attempt to modify other skills or system-wide agent settings. It does not request persistent elevated privileges in its metadata.
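How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install python-use-agent
  3. Once installed, invoke the skill by name or trigger it with /python-use-agent
  4. Provide the required inputs according to the skill's parameter description to get structured output
Version history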
v1.0.0
- Deprecated and integrated this skill into the unified "code" skill entry point for Python tasks.
- Maintained for backward compatibility; all tasks are auto-forwarded to the new entry.
- Updated documentation to recommend using code python [task] for all future tasks.
- Provided migration guide and clarified that no further configuration is needed.
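Metadata
Slug python-use-agent
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Number of versions 1
FAQ

What is Python Use Agent?

Intelligently executes Python tasks described by the user, automatically generating and running code and reporting the results; no extra configuration is needed, and legacy command usage remains supported. It is an AI Agent Skill plugin for Claude Code / OpenClaw, and has been downloaded 145 times in total so far.

How do I install Python Use Agent?

Run the command "/install python-use-agent" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is required.

Is Python Use Agent free?

Yes, Python Use Agent is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Python Use Agent support?

Python Use Agent runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Python Use Agent?

It is developed and maintained by JIRBOY (@jirboy); the current version is v1.0.0.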
