← 返回 Skills 市场
590
总下载
0
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install rescueclaw
功能描述
Provides automatic checkpoint creation and rollback to safely recover from failures during risky operations like config changes or updates.
安全使用建议
This skill appears to do what it claims (create/clear checkpoint files and invoke a user-local daemon), but before installing: 1) Review the upstream GitHub repository and the exact release asset (verify that the release author is trusted). 2) Prefer installs with checksums/signatures — the installer does not verify them. 3) Inspect the downloaded binary (or run it in an isolated environment) before trusting it, since the installer extracts a tarball from Releases. 4) Note that example code uses systemctl (requires privileges) and uses '~' in paths (Node won't expand it automatically) — fix these when you adapt the examples. 5) Ensure ~/.local/bin is in your PATH and that you are comfortable with a user-local daemon being available for the agent to call. If you need higher assurance, request a signed release or build the daemon from source yourself.
功能分析
Type: OpenClaw Skill
Name: rescueclaw
Version: 0.2.1
The skill is classified as suspicious due to its use of `execSync` in `install.js` to download and execute an external binary from GitHub, and in `rescueclaw-checkpoint.js` to interact with the installed daemon. While these actions are part of the skill's stated purpose (installing a checkpointing daemon), downloading and executing external code via shell commands (`curl`, `tar`) is a high-risk operation and a potential supply chain vulnerability. Additionally, the `SKILL.md` demonstrates the agent's ability to execute arbitrary shell commands via `exec`, which, if not properly sandboxed, presents a significant prompt injection vulnerability for the agent itself, even though the skill does not maliciously exploit it.
能力评估
Purpose & Capability
The skill's name/description (checkpoint + rollback for risky operations) matches the provided code and runtime instructions: rescueclaw-checkpoint.js creates/clears a checkpoint file and queries a user-local daemon; install.js installs a user-local daemon binary. No unrelated credentials, services, or capabilities are requested.
Instruction Scope
SKILL.md and the API expose exactly the checkpoint operations. However, example usage includes privileged operations (e.g., restarting a system service via systemctl) and uses a literal '~' in fs.writeFileSync (Node.js does not expand ~ automatically), which is a bug/ambiguous guidance. The docs instruct agents to call the daemon CLI (rescueclaw status) and to write checkpoint files under ~/.openclaw/rescueclaw — both are within the skill's stated scope, but the example's systemctl usage requires elevated privileges and is not something the skill can safely perform on behalf of a user without explicit consent.
Install Mechanism
Installation downloads a tar.gz from a GitHub Releases URL (well-known host) and extracts it into ~/.local/bin; this is a common pattern. Concerns: the installer doesn't verify checksums or signatures, extracts archives directly (tar extraction can be abused if upstream is compromised), and uses curl/tar via execSync (the script itself invokes shell commands). The install targets user-local paths (no sudo required), which limits system-wide impact.
Credentials
The skill requests no environment variables, no credentials, and stores data under the user's home directory (~/.openclaw/rescueclaw). The code does call external binary 'rescueclaw' when present, which matches the skill's role. There are no extraneous secrets or unrelated env access.
Persistence & Privilege
The skill does create persistent artifacts: it installs a daemon binary to ~/.local/bin/rescueclaw and stores checkpoint data under ~/.openclaw/rescueclaw/. always is false (not force-included). The agent is allowed to invoke the skill autonomously by default (normal for skills); this combined with a long-lived daemon means the binary could be executed by the agent later — review the binary from upstream before trusting it.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install rescueclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/rescueclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.1
Downloads platform-specific binary from GitHub Releases (no curl|bash). User-local paths (~/.openclaw/rescueclaw). Supports linux/arm64, linux/amd64, macos/arm64, macos/amd64.
v0.2.0
Fix security flags
v0.1.0
Initial release — checkpoint/rollback safety net for risky agent operations
元数据
常见问题
RescueClaw 是什么?
Provides automatic checkpoint creation and rollback to safely recover from failures during risky operations like config changes or updates. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 590 次。
如何安装 RescueClaw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install rescueclaw」即可一键安装,无需额外配置。
RescueClaw 是免费的吗?
是的,RescueClaw 完全免费(开源免费),可自由下载、安装和使用。
RescueClaw 支持哪些平台?
RescueClaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 RescueClaw?
由 harman314(@harman314)开发并维护,当前版本 v0.2.1。
推荐 Skills