← 返回 Skills 市场
Ruby On Rails Gateway
作者
Jesse Waites
· GitHub ↗
· v1.0.0
495
总下载
2
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ruby-on-rails-gateway
功能描述
Configure and operate a Ruby On Rails Agent Gateway integration from the OpenClaw side for briefing pull workflows. Use when setting up OpenClaw to read app...
安全使用建议
This skill appears to do what it says (pull read-only briefing data from a Rails '/agent-gateway/.../briefing' endpoint), but the SKILL.md requires sensitive env vars (AGENT_GATEWAY_TOKEN, AGENT_GATEWAY_SECRET) and references a local helper script while the registry metadata lists none. Before installing: 1) Verify you actually need to provide the bearer token and path secret and that you understand where they'll be stored; prefer using a scoped, read-only token and rotate it frequently. 2) Confirm the helper script path (/home/node/.openclaw/workspace/scripts/rails-gateway-briefing) and its contents — do not run or trust scripts you haven't inspected. 3) Be cautious when the skill asks to 'show exact export commands' — never paste secrets into public chat or logs; provide values via secure secrets management. 4) Ensure the target RAILS_GATEWAY_URL is your known app (no unexpected third-party endpoints). 5) If metadata/packaging doesn't declare required env vars, ask the publisher for an updated manifest that explicitly lists needed credentials and any filesystem accesses; if you can't verify those, treat the skill as higher risk.
功能分析
Type: OpenClaw Skill
Name: ruby-on-rails-gateway
Version: 1.0.0
The skill bundle is designed to integrate with a Ruby on Rails agent gateway for data pulling. It clearly defines its purpose, required environment variables (e.g., `AGENT_GATEWAY_TOKEN`, `AGENT_GATEWAY_SECRET`), and provides standard `curl` and local helper script commands for data retrieval. Crucially, the `skill.md` includes explicit 'Safety Rules' instructing the AI agent to never print live tokens, redact secrets, and perform only read-only actions, which are genuine security-conscious instructions rather than prompt injection attempts. There is no evidence of malicious execution, data exfiltration to unauthorized endpoints, persistence mechanisms, or obfuscation.
能力评估
Purpose & Capability
Skill purpose (Rails Agent Gateway briefing pulls) matches the actions described in SKILL.md (curl/helper script + bearer token + path secret). However the registry metadata lists no required environment variables or config paths while the SKILL.md explicitly requires AGENT_GATEWAY_TOKEN and AGENT_GATEWAY_SECRET (and optionally RAILS_GATEWAY_URL/RAILS_GATEWAY_TOKEN). The missing declarations are an incoherence: the skill will need secrets despite metadata claiming none.
Instruction Scope
Instructions direct the agent to perform network fetches against a user-provided Rails endpoint and to run a local helper script at /home/node/.openclaw/workspace/scripts/rails-gateway-briefing when present. The SKILL.md asks to read environment variables and to show exact export commands if env vars are missing. These behaviors are consistent with the stated purpose but reference a specific filesystem path and expect sensitive env vars — neither of which are declared in the registry metadata. The guidance to 'show exact export commands' could lead to accidentally revealing secrets if not handled carefully.
Install Mechanism
No install spec or bundled code is present (instruction-only), which reduces supply-chain risk. However the skill assumes an external Ruby gem is mounted on the Rails app and optionally a helper script exists in the agent workspace; those artifacts are not provided by the skill and must be verified/trusted separately.
Credentials
Requesting a bearer token (AGENT_GATEWAY_TOKEN) and a path secret (AGENT_GATEWAY_SECRET) is proportionate to the skill's function, but the registry metadata does not declare these required env vars. The omission means users may not realize they must supply sensitive credentials. The skill also mentions RAILS_GATEWAY_URL/RAILS_GATEWAY_TOKEN as alternatives — multiple secret-bearing variables increase risk if not documented and handled properly.
Persistence & Privilege
The skill does not request persistent/always-on inclusion and does not modify other skills or global agent settings. It operates at runtime and, as written, performs read-only pulls unless the user explicitly requests write actions.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ruby-on-rails-gateway - 安装完成后,直接呼叫该 Skill 的名称或使用
/ruby-on-rails-gateway触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the Rails Agent Gateway OpenClaw skill that works in tandem with the agent-gateway rubygem at https://github.com/jessewaites/agent-gateway
- Provides integration setup and usage instructions for the OpenClaw–Rails agent_gateway briefing pull workflow.
- Details required environment variables for secure authentication and connectivity.
- Includes example command patterns for both `curl` and local helper script usage.
- Documents available query parameters for flexible, resource-scoped data pulls.
- Lists safety, troubleshooting, and best practice guidelines for secure and reliable operation.
元数据
常见问题
Ruby On Rails Gateway 是什么?
Configure and operate a Ruby On Rails Agent Gateway integration from the OpenClaw side for briefing pull workflows. Use when setting up OpenClaw to read app... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 495 次。
如何安装 Ruby On Rails Gateway?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ruby-on-rails-gateway」即可一键安装,无需额外配置。
Ruby On Rails Gateway 是免费的吗?
是的,Ruby On Rails Gateway 完全免费(开源免费),可自由下载、安装和使用。
Ruby On Rails Gateway 支持哪些平台?
Ruby On Rails Gateway 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Ruby On Rails Gateway?
由 Jesse Waites(@jessewaites)开发并维护,当前版本 v1.0.0。
推荐 Skills