← 返回 Skills 市场
2062
总下载
1
收藏
6
当前安装
1
版本数
在 OpenClaw 中安装
/install request-approval
功能描述
Use Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications
安全使用建议
This skill appears to be what it says: an instruction-only policy for using a Preloop approval tool. Before installing, verify you trust the Preloop endpoint (https://preloop.ai or your self-hosted URL) and the skill author. Note the setup guidance may suggest running `npx` to provide MCP transport — avoid running that in locked-down environments without review because it downloads and executes code. Ensure an appropriate approval policy and approvers are configured in Preloop, and confirm any API token used is stored only in your agent's MCP config (not copied into public places). If you want higher assurance, ask the skill author for: (1) a canonical source repository or homepage, (2) a maintainer identity you trust, and (3) confirmation that the agent configuration steps are optional (i.e., you can use an existing, vetted MCP transport instead of running npx).
功能分析
Type: OpenClaw Skill
Name: request-approval
Version: 1.0.0
The OpenClaw AgentSkills skill bundle is benign. Its explicit purpose is to enhance security by requiring human approval for risky operations, which is the opposite of malicious intent. The `SKILL.md` instructions consistently guide the AI agent to be cautious, request approval via the `request_approval` tool before executing potentially harmful actions, and to immediately stop if approval is denied. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to bypass security or perform unauthorized actions. The external network calls are explicitly directed to a Preloop MCP server for the stated purpose of obtaining approval, as detailed in `references/SETUP.md`.
能力评估
Purpose & Capability
The name/description (requesting human approval before risky operations) matches the instructions and examples. Required resources (a configured Preloop MCP server and an API token in agent configuration) are exactly what this capability needs; there are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md limits its behavior to: gather context about intended risky operations, call the request_approval tool, wait for human decision, then act (or not) based on approval. Example commands (ls, rm -rf, gh pr create, npm install, run migrations) are shown only as the operations that would be gated by approval. The instructions do not ask the agent to collect or exfiltrate data outside this approval flow.
Install Mechanism
There is no install spec (instruction-only), which is low risk. One setup example includes configuring the agent to run an `npx` command ("npx -y @modelcontextprotocol/server-everything") to provide MCP transport; that step would cause runtime download and execution of npm package code if followed, so administrators should review/approve that action in environments that disallow remote code installs.
Credentials
The skill declares no required env vars and does not demand unrelated credentials. Setup docs explain storing a Preloop API token in the agent's MCP configuration (Authorization header), which is proportional for a tool that communicates with an external approval service. The skill itself does not attempt to read or exfiltrate other environment variables or secrets.
Persistence & Privilege
The skill is not always-enabled (always:false) and does not request elevated or system-wide persistence. It does not instruct modifying other skills' configs. Model invocation is allowed (default) which is normal for a skill designed to be called by agents.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install request-approval - 安装完成后,直接呼叫该 Skill 的名称或使用
/request-approval触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the request-approval skill.
- Enables human-in-the-loop approvals before risky operations like deletions, production changes, or external modifications.
- Outlines clear guidelines for when approval is required, recommended, or not necessary.
- Provides parameters and detailed usage instructions for the `request_approval` tool.
- Includes best practices and a decision framework to ensure safe and responsible operation.
元数据
常见问题
Request Approval 是什么?
Use Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2062 次。
如何安装 Request Approval?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install request-approval」即可一键安装,无需额外配置。
Request Approval 是免费的吗?
是的,Request Approval 完全免费(开源免费),可自由下载、安装和使用。
Request Approval 支持哪些平台?
Request Approval 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Request Approval?
由 yconst(@yconst)开发并维护,当前版本 v1.0.0。
推荐 Skills