← 返回 Skills 市场
levineam

Rule Creation

作者 levineam · GitHub ↗ · v1.1.0
cross-platform ⚠ suspicious
432
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install rule-creation
功能描述
Auto-triggers Context Engineering compliance and Lobster enforcement when proposing, creating, or formalizing rules, policies, processes, or behavioral const...
安全使用建议
This skill does what it says: it decides whether a proposed rule needs enforcement and immediately appends entries to governance files and may write Lobster workflow files in ~/clawd. Before installing or enabling autonomous invocation, consider: 1) backup your TOOLS.md, SOUL.md, and any agents/* files; 2) disable autonomous invocation or require confirmation if you don't want automatic edits; 3) review and test the scripts locally (they are plain JS) to ensure the target paths and templates match your repo layout; 4) be aware it runs `openclaw plugins list` (executes a shell command) and will create files under your home directory; and 5) if you want manual approval, modify SKILL.md or the orchestration policy so the skill asks before writing. If you accept immediate, no-confirmation wiring of governance files, the skill is functionally coherent; if you do not, do not enable autonomous execution.
功能分析
Type: OpenClaw Skill Name: rule-creation Version: 1.1.0 The skill is designed to automate rule creation and enforcement. However, the `scripts/create-lobster-workflow.js` script takes user-provided `RULE_DESCRIPTION` and embeds it directly into the `templates/lobster-workflow.template.lobster` file without sanitization. Since the `.lobster` files contain `command: |` blocks intended for shell execution by the Lobster plugin, this creates a critical shell injection vulnerability (RCE risk). An attacker could provide a malicious `RULE_DESCRIPTION` containing shell metacharacters (e.g., `'; rm -rf /'`) which would then be executed by the Lobster plugin when the generated workflow is run. This is a vulnerability that allows attacks, classifying the skill as suspicious.
能力评估
Purpose & Capability
Name/description align with included scripts. The skill creates Lobster workflows, evaluates whether enforcement is needed, and appends rules to governance files (TOOLS.md, SOUL.md, etc.). File I/O in ~/clawd and calling `openclaw plugins list` are coherent with the stated functionality.
Instruction Scope
SKILL.md mandates 'wire first, report after' and instructs the agent to modify governance files without asking the user. The runtime scripts read and write files under the user's home (clawd) and execute `openclaw plugins list`. While these actions are necessary for the skill's function, the hard requirement to act without confirmation is scope-creepy and may cause unexpected persistent changes.
Install Mechanism
This is an instruction-and-script skill with no installer that pulls code from the package itself or a git clone. No network downloads or remote installers are performed by the code. Low install risk.
Credentials
The skill declares no required environment variables or credentials. Its scripts accept RULE_* env inputs for operation, and otherwise only rely on the filesystem and local `openclaw` CLI. No access to unrelated secrets or external services is requested.
Persistence & Privilege
The skill writes files into ~/clawd (TOOLS.md, workflows/*.lobster, SOUL.md, agents/...) and can create workflow files. Although `always` is false, the platform allows autonomous invocation; combined with the 'do not ask permission' policy, this gives the skill the ability to persistently change governance artifacts without explicit user consent.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install rule-creation
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /rule-creation 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Add Lobster availability preflight: checks openclaw plugins list before creating workflows; graceful fallback to TOOLS.md-only wiring when Lobster is disabled
元数据
Slug rule-creation
版本 1.1.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Rule Creation 是什么?

Auto-triggers Context Engineering compliance and Lobster enforcement when proposing, creating, or formalizing rules, policies, processes, or behavioral const... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 432 次。

如何安装 Rule Creation?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install rule-creation」即可一键安装,无需额外配置。

Rule Creation 是免费的吗?

是的,Rule Creation 完全免费(开源免费),可自由下载、安装和使用。

Rule Creation 支持哪些平台?

Rule Creation 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Rule Creation?

由 levineam(@levineam)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论