← 返回 Skills 市场

ROS2 Execution

Name: ROS2 Execution
Author: bigrobinson

作者 Brian Robinson · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ✓ 安全检测通过

114

总下载

当前安装

版本数

在 OpenClaw 中安装

/install ros2-execution

功能描述

Execute ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. Supports parameter profiles.

安全使用建议

This skill appears to do what it says: it enforces an allowlist and runs ros2 commands via a safe wrapper. Before installing, review and do the following: (1) inspect and maintain config/packages.json to ensure only trusted packages are allowlisted; (2) be aware that the wrapper sources your ROS setup.bash to capture environment variables — if a workspace's setup.bash contains unexpected code it will run when sourced, so only use workspaces you trust; (3) profiles live under ~/.openclaw/workspace/ros_profiles — keep sensitive data out of those files; (4) the registry metadata omits required binaries/config paths (ros2, AMENT_PREFIX_PATH, config/), so expect to manually ensure your ROS environment is correctly sourced and that ros2 is available; (5) if you want to limit autonomous runs, consider disabling model invocation for this skill. If you need higher assurance, manually run the provided scripts in a controlled environment and audit any setup.bash files in your workspaces before enabling the skill.

功能分析

Type: OpenClaw Skill Name: ros2-execution Version: 1.0.1 The ros2-execution skill provides a controlled environment for executing ROS 2 commands by utilizing a Python safety wrapper (scripts/safe_ros2_execution.py). It implements several security measures, including a package allowlist (config/packages.json), workspace path validation to ensure packages are sourced from approved locations, and the use of subprocess calls without a shell to mitigate injection risks. The setup script (scripts/setup.sh) automates environment discovery, and the SKILL.md instructions explicitly direct the AI agent to use the secure wrapper and follow safe parameter-handling practices.

能力评估

ℹ Purpose & Capability

The skill's name/description match the provided scripts and SKILL.md: the wrapper enforces an allowlist and workspace checks before invoking ros2. However the registry metadata claims no required binaries/config paths while the SKILL.md and scripts clearly require a sourced ROS 2 environment (ros2 on PATH, AMENT_PREFIX_PATH) and write/read config files under the skill directory and ~/.openclaw/workspace. This is a minor metadata inconsistency, not a functional mismatch.

ℹ Instruction Scope

Instructions and the safe_ros2_execution.py wrapper stay within the declared purpose: they read config/config.json and config/packages.json, verify package prefixes, optionally read YAML profiles from ~/.openclaw/workspace/ros_profiles, and execute ros2 commands without shell=True. A noteworthy operational risk: the wrapper sources the ROS setup.bash via a bash -c 'source ... && env' call to build the environment — sourcing a setup.bash will execute whatever is in that file (typical for ROS but a potential vector if a workspace's setup.bash is malicious). This behavior is expected for a tool that must load ROS environments.

✓ Install Mechanism

No remote install/downloads or package installs are specified; the skill is delivered as local scripts and an SKILL.md. No high-risk installer URLs or archive extraction are present.

ℹ Credentials

The skill requests no secrets or external credentials and only needs access to ROS environment variables, skill-local config/, and optional user profile YAMLs in ~/.openclaw/workspace. That is proportionate to its purpose. Again, the registry metadata not listing required config paths/binaries is inconsistent with the scripts' runtime requirements.

✓ Persistence & Privilege

The skill does not request 'always: true' or modify other skills; it writes a config.json under its own directory via setup.sh and reads its own config and packages.json. Model/autonomous invocation is enabled by default (disable-model-invocation: false) which is normal for user-invocable skills.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install ros2-execution
安装完成后，直接呼叫该 Skill 的名称或使用 /ros2-execution 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.1

- Switched secure execution wrapper from a shell script (`safe_ros2_execution.sh`) to a Python script (`safe_ros2_execution.py`) with improved security via subprocess handling. - Added support for parameter profiles and loading parameters from YAML files via `--profile` or `--params-file` flags. - Updated documentation for new Python script usage and parameter handling. - Deprecated usage of the shell script; all execution should now use the Python wrapper for safety and new features.

v1.0.0

Initial release of ros2-execution. - Enables secure execution of ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. - Requires setup to discover ROS paths and configure allowed workspaces and packages. - All commands must be issued via the safe wrapper script, which enforces command type, workspace, and allowlist security checks. - Supports running nodes, launching files, calling services, and sending action goals.

元数据

Slug ros2-execution

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题

ROS2 Execution 是什么？

Execute ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. Supports parameter profiles. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 114 次。

如何安装 ROS2 Execution？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ros2-execution」即可一键安装，无需额外配置。

ROS2 Execution 是免费的吗？

是的，ROS2 Execution 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

ROS2 Execution 支持哪些平台？

ROS2 Execution 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 ROS2 Execution？

由 Brian Robinson（@bigrobinson）开发并维护，当前版本 v1.0.1。