← 返回 Skills 市场
Runbook Automator
作者
charlie-morrison
· GitHub ↗
· v1.0.0
· MIT-0
37
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install runbook-automator
功能描述
Convert manual incident runbooks into automated, executable playbooks. Parse existing runbooks, generate scripts for each step, add health checks, rollback p...
安全使用建议
This skill appears to do what it claims but contains several omissions and safety risks. Before installing or using it:
- Treat generated playbooks as potentially destructive: always review any generated script line-by-line before running, and prefer DRY_RUN=true for testing.
- Expect it to try to send notifications to Slack/PagerDuty if SLACK_WEBHOOK or PAGERDUTY_KEY are present in your environment — remove or isolate those env vars if you don't want test messages sent.
- The skill references external services (Confluence, Google Docs) but doesn't declare required credentials; verify how the agent would access those sources and don't provide credentials unless you trust the skill.
- Run the tool only in an isolated/test environment when first trying it; do not run on production hosts or with production credentials until you have validated generated scripts and rollback behavior.
- Ask the publisher (or request in the registry) that the skill declare required env vars, list the external commands it intends to call (kubectl, curl, bc, etc.), and add explicit safety checks (require explicit user confirmation before any non-dry-run execution, sandboxing, and detection of destructive commands).
- If you are uncomfortable with autonomous execution, restrict or disable automatic invocation for this skill in your agent configuration and require manual invocation/approval.
功能分析
Type: OpenClaw Skill
Name: runbook-automator
Version: 1.0.0
The runbook-automator skill is designed to transform manual incident response documentation into executable bash scripts. It includes functionality for parsing text, auditing runbooks for gaps (using standard find/grep commands), and generating templates with built-in rollback and notification logic. The skill's behavior is transparent and aligns with its stated purpose, with no evidence of data exfiltration, malicious execution, or hidden prompt injection attacks.
能力评估
Purpose & Capability
The name and description align with the instructions: parsing runbooks, classifying steps, generating scripts, auditing documents, and dry-running playbooks are coherent capabilities for a Runbook Automator. However, the SKILL.md references external systems (Slack, PagerDuty, Confluence, Google Docs) and runtime secrets (SLACK_WEBHOOK, PAGERDUTY_KEY) without declaring them in the skill metadata, which is an omission/incoherence between claimed capabilities and declared requirements.
Instruction Scope
The runtime instructions include generating executable scripts that may run arbitrary system commands (e.g., kubectl, DB failover commands), set trap-based rollbacks, and send notifications to external endpoints. The 'test' and 'convert' flows imply probing hosts and verifying credentials. There are no explicit safety guardrails described (for example, requiring an explicit user confirmation before executing a non-dry-run script, sandboxing, or automated checks for destructive operations). This gives the agent broad discretion to read repository files and potentially execute dangerous commands derived from runbooks.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it does not write code to disk or pull external binaries. That minimizes install-time risk.
Credentials
The SKILL.md references environment variables and secrets (SLACK_WEBHOOK, PAGERDUTY_KEY, DRY_RUN) and external services (Slack, PagerDuty, Confluence, Google Docs) but the skill metadata lists no required env vars or credentials. This mismatch is problematic: the skill expects to use notification hooks and possibly credentials to reach hosts, yet does not declare them. A user could accidentally have their real webhooks/keys used if present in the environment, and there is no explicit guidance on what is required or how secrets are handled.
Persistence & Privilege
always is false and the skill is user-invocable. There is no install-time persistence or configuration of other skills. Autonomous invocation is allowed (the platform default) but not combined with other high-risk factors such as permanent presence or unsolicited configuration changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install runbook-automator - 安装完成后,直接呼叫该 Skill 的名称或使用
/runbook-automator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of runbook-automator.
- Converts manual incident runbooks into automated, executable playbooks.
- Parses existing runbooks to extract steps, health checks, rollback procedures, and notification hooks.
- Audits runbooks for missing verifications, rollback steps, and other gaps.
- Supports dry-run testing of generated playbooks to validate commands and dependencies.
- Provides structured templates for different incident types.
元数据
常见问题
Runbook Automator 是什么?
Convert manual incident runbooks into automated, executable playbooks. Parse existing runbooks, generate scripts for each step, add health checks, rollback p... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 37 次。
如何安装 Runbook Automator?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install runbook-automator」即可一键安装,无需额外配置。
Runbook Automator 是免费的吗?
是的,Runbook Automator 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Runbook Automator 支持哪些平台?
Runbook Automator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Runbook Automator?
由 charlie-morrison(@charlie-morrison)开发并维护,当前版本 v1.0.0。
推荐 Skills