← 返回 Skills 市场

Rm Safety

Name: Rm Safety
Author: caesaryp

作者 CaesarYP · GitHub ↗ · v1.2.2 · MIT-0

cross-platform ✓ 安全检测通过

159

总下载

当前安装

版本数

在 OpenClaw 中安装

/install rm-safety

功能描述

Intercepts risky rm commands to assess impact, confirm user intent, and suggest safer alternatives before execution to prevent accidental data loss.

安全使用建议

This skill appears coherent and limited to local safety checks before deletes, but consider the following before installing: - The skill must run inside the agent's execution context to intercept 'rm' calls — it cannot retroactively stop deletes you run directly in a shell outside the agent. - Impact assessments use find/ls/realpath on the given path; for very large directories these checks can be slow or resource-heavy. - Confirm the backup behavior (it writes to /tmp by default) meets your needs; /tmp is ephemeral and not intended as long-term backup. - The package metadata references a GitHub repo/ClawHub page while registry source/homepage fields are empty — if you want a higher assurance, review the upstream repository (README links are provided) before enabling the skill. - Remember the agent will still execute the original rm command if you explicitly confirm; the skill is a guard not an automatic quarantine.

功能分析

Type: OpenClaw Skill Name: rm-safety Version: 1.2.2 The rm-safety skill is a security-focused utility designed to prevent accidental data loss by intercepting destructive commands like 'rm', 'unlink', and 'shred'. It implements defensive coding practices such as path quoting and the use of the '--' separator to prevent option injection, and it explicitly instructs the agent to refuse system-critical deletions (e.g., 'rm -rf /'). No evidence of data exfiltration, malicious execution, or prompt injection was found in SKILL.md or README.md.

能力评估

✓ Purpose & Capability

Name/description match the SKILL.md: the skill only asks the agent to detect RM-like commands, assess the target (ls, find, realpath, test), prompt the user, and optionally run backups or alternative commands. No unrelated credentials, binaries, or network access are requested. Minor note: README mentions a GitHub repo and ClawHub install path while registry metadata lists 'Source: unknown' and no homepage — this is a small metadata inconsistency but does not change functionality.

✓ Instruction Scope

Runtime instructions are narrowly scoped to local filesystem checks (ls, find, realpath, test -e), confirmation prompts, and optional local backup/move operations. The instructions explicitly emphasize quoting, using '--', and refusing destructive global patterns (e.g., 'rm -rf /'). They do not instruct reading unrelated files or sending data externally. One operational caveat: counting files with find on very large directories can be slow or resource-intensive, which is expected behavior for an impact assessment but worth noting.

✓ Install Mechanism

Instruction-only skill with no install spec or code to fetch — lowest install risk. README suggests optional cloning or npx clawhub install, but the skill package itself contains no install script or remote downloads.

✓ Credentials

The skill requires no environment variables, credentials, or access to unrelated config paths. All commands operate on paths provided by the user/agent and local filesystem state. The backup target (/tmp) and workspace checks are proportional to the task.

✓ Persistence & Privilege

always is false and the skill does not request elevated or persistent system-wide privileges. It does not modify other skills or system configs. Autonomous invocation (disable-model-invocation: false) is normal for skills; here there is no additional concerning privilege.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install rm-safety
安装完成后，直接呼叫该 Skill 的名称或使用 /rm-safety 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.2.2

Version bump to 1.2.2: Unified metadata version, bilingual EN/ZH documentation, MIT-0 license, security hardened with path injection prevention | 版本更新至 1.2.2：统一元数据版本，中英双语文档，MIT-0 许可证，安全加固（路径注入防护）

v1.2.1

Updated metadata: bilingual EN/ZH, MIT-0 license, security hardened with path injection prevention, GitHub release ready | 更新元数据：中英双语，MIT-0 许可证，安全加固（路径注入防护），GitHub 发布就绪

v1.2.0

Added security hardening: path quoting, -- option separator, existence checks, and clearer activation rules to prevent command injection | 添加安全加固：路径引用、-- 选项分隔符、存在性检查和更清晰的激活规则，防止命令注入

v1.1.0

Added bilingual EN/ZH support for international users | 添加中英文双语支持，面向国际用户

v1.0.0

- Initial release of rm-safety skill for high-risk command protection. - Intercepts and requires user confirmation before executing dangerous file deletion commands (e.g., rm, unlink, shred). - Provides detailed impact assessment and safer alternatives when such commands are detected. - Does not trigger for recoverable delete actions (trash, mv to trash). - Includes exception handling and clear instructions for user responses.

元数据

Slug rm-safety

版本 1.2.2

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 5

常见问题

Rm Safety 是什么？

Intercepts risky rm commands to assess impact, confirm user intent, and suggest safer alternatives before execution to prevent accidental data loss. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 159 次。

如何安装 Rm Safety？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install rm-safety」即可一键安装，无需额外配置。

Rm Safety 是免费的吗？

是的，Rm Safety 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Rm Safety 支持哪些平台？

Rm Safety 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Rm Safety？

由 CaesarYP（@caesaryp）开发并维护，当前版本 v1.2.2。