← 返回 Skills 市场
Radon AI
作者
Ignacy Łątka
· GitHub ↗
· v1.0.0
741
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install radon-ai
功能描述
Use Radon IDE's AI tools for React Native development - query library docs, view logs and network traffic, take screenshots, inspect component trees, and int...
安全使用建议
This skill claims powerful debugging access (logs, network bodies, screenshots, app control) but the instructions never say how the agent will connect to Radon’s MCP server, what endpoint or auth to use, or what safeguards exist. Before installing or letting the agent use it: (1) Ask the author for the connector details — host/port, API schema, and auth mechanism — and only allow local-only endpoints (e.g., localhost) with explicit consent. (2) Confirm the Radon IDE extension source and license and that it restricts access to test/dev apps (not production data). (3) Request explicit data-handling rules (filtering of secrets, opt-in consent for network bodies/screenshots). (4) Test the skill in an isolated/sandbox environment with no sensitive backends or real credentials. If the author cannot supply concrete connection/auth information and data-protection controls, treat the skill as non-functional or potentially risky and avoid giving it access to sensitive projects.
功能分析
Type: OpenClaw Skill
Name: radon-ai
Version: 1.0.0
The skill provides powerful debugging tools, notably `view_network_logs` and `view_network_request_details` in `SKILL.md`, which can expose sensitive information like network request headers and bodies. While these capabilities are presented for legitimate debugging purposes (e.g., inspecting API calls), they represent a significant risk. If the AI agent were compromised via prompt injection, these tools could be misused to exfiltrate credentials, tokens, or other confidential data from the user's application network traffic. This constitutes a high-risk capability that could lead to data exfiltration, classifying it as suspicious due to the potential for abuse, despite the stated benign intent.
能力评估
Purpose & Capability
The skill claims to be an MCP server exposing rich runtime tools for Radon IDE (logs, network bodies, screenshots, component tree, reloads). The SKILL.md lists prerequisites (Radon extension, license) but provides no host/URL, port, protocol, RPC schema, or client binding for contacting any MCP server. That gap makes the advertised capabilities incoherent with the provided artifacts — either the skill is incomplete (no connector) or it expects implicit local infrastructure that is not specified. Additionally, the described capabilities inherently grant access to potentially sensitive app data (network bodies, headers, screenshots) which should be explicitly justified and scoped.
Instruction Scope
The runtime instructions direct use of tools that read and return build/runtime logs, full network request details (headers and bodies), and screenshots. These actions can expose secrets (API tokens, PII) from the developer environment or the app under test. The SKILL.md does not specify safeguards, consent flows, filtering, or limits on what data will be returned, nor does it describe how tool calls are made or authorized. It is vague about when and how the agent should call these tools, which grants broad discretion and could lead to over-collection of sensitive data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be downloaded or written by the platform installer. That lowers supply-chain risk compared with skills that fetch binaries or archives.
Credentials
The skill declares no required environment variables or credentials, which is consistent with being an instruction-only descriptor. However, the described tools would access highly sensitive runtime artifacts (network request bodies, headers, logs, screenshots) if the underlying Radon IDE/MCP server is available. Because the SKILL.md does not require or describe any explicit authorization tokens or consent mechanics, it's unclear how access control to those sensitive artifacts is enforced — this mismatch should be clarified before trusting the skill.
Persistence & Privilege
The skill does not request always:true and does not include install-time persistence mechanisms. Autonomous invocation is allowed by default (disable-model-invocation: false), which is platform normal; there is no indication the skill modifies other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install radon-ai - 安装完成后,直接呼叫该 Skill 的名称或使用
/radon-ai触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of radon-ai skill for React Native development.
- Integrates Radon IDE's AI tools for enhanced React Native debugging and development workflows.
- Provides commands to query React Native library documentation and get detailed library descriptions.
- Enables interactive tools: reload application, view application logs, take screenshots, inspect component trees, and monitor network traffic.
- Offers daily-updated knowledge base for popular React Native libraries and APIs.
- Requires Radon IDE extension and license, and a running React Native or Expo project in VS Code or Cursor.
元数据
常见问题
Radon AI 是什么?
Use Radon IDE's AI tools for React Native development - query library docs, view logs and network traffic, take screenshots, inspect component trees, and int... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 741 次。
如何安装 Radon AI?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install radon-ai」即可一键安装,无需额外配置。
Radon AI 是免费的吗?
是的,Radon AI 完全免费(开源免费),可自由下载、安装和使用。
Radon AI 支持哪些平台?
Radon AI 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Radon AI?
由 Ignacy Łątka(@latekvo)开发并维护,当前版本 v1.0.0。
推荐 Skills