← 返回 Skills 市场
run.dev — Local Dev Environment Manager
作者
Daniel Tamas
· GitHub ↗
· v0.1.0
· MIT-0
220
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install rundev-local-dev
功能描述
Local dev environment manager. Process management, automatic HTTPS domains, SSL certificates, reverse proxy, and AI crash diagnosis — single binary, zero con...
安全使用建议
This skill looks functionally coherent with a local dev manager, but it requires high privileges and its recommended installer is a risky curl | bash flow. Before installing: 1) Inspect the install script at https://getrun.dev/install.sh (do not run it blind). 2) Verify the upstream project (GitHub repo, release tags, maintainers) and prefer signed releases or package-manager installs. 3) Confirm the installer’s exact sudoers change and consider rejecting NOPASSWD or running the helper with explicit sudo prompts. 4) Understand and opt out of any log-sharing to external AI (Claude); don't send sensitive project/log data. 5) Consider running in a disposable VM/container if you want to limit host changes. 6) Ensure the tool provides a trustworthy uninstall that truly reverts sudoers, hosts, and iptables/pfctl changes. If you cannot verify the installer or source, treat the installation as high risk.
功能分析
Type: OpenClaw Skill
Name: rundev-local-dev
Version: 0.1.0
The rundev-local-dev skill bundle (SKILL.md) describes a local development manager that performs high-risk system operations, including modifying /etc/hosts via a NOPASSWD sudoers rule, altering system firewall rules (iptables/pfctl), and executing arbitrary shell commands. While these capabilities are aligned with its stated purpose as a process manager and reverse proxy, the requirement for elevated privileges and the recommended installation via 'curl | bash' from https://getrun.dev/install.sh represent significant security risks and potential vectors for privilege escalation.
能力评估
Purpose & Capability
The name and description (local process manager, reverse proxy, hosts editing, SSL certs) align with the actions described in SKILL.md (installing a privileged helper, managing /etc/hosts, port forwarding, installing mkcert). Those privileged actions are logically required for the stated features, so capability set is coherent, but they are high-privilege for a single-binary local tool and deserve scrutiny.
Instruction Scope
SKILL.md explicitly recommends running a network-installed installer (curl -fsSL https://getrun.dev/install.sh | bash) and documents making system-wide changes: adding a NOPASSWD sudoers rule for a hosts helper, altering pfctl/iptables rules, installing mkcert, and managing /etc/hosts. It also advertises an 'AI crash diagnosis' / 'Ask Claude' feature that implies sending logs or error output to an external AI service — this is a privacy risk not fully described in the doc.
Install Mechanism
There is no registry install spec; the SKILL.md recommends a curl|bash one-liner that fetches and runs an install.sh from getrun.dev. Remote, unverified installers piped to sh are high-risk because they execute arbitrary code on the machine. The installer will write binaries and privileged helper config and modify network rules; users should want to inspect the script and its source before running it.
Credentials
The skill requests no environment variables or credentials in registry metadata, which is appropriate. However, the need for a NOPASSWD sudoers entry and a privileged helper is a form of elevated access that is disproportionate for casual tooling unless the user consents. The potential transmission of logs to an external AI (Claude) is a credential/privacy concern even though no keys are declared here — the SKILL.md does not explain whether data is sent off-host, what is sent, or how to opt out.
Persistence & Privilege
The installer claims to install a persistent privileged helper (sudoers NOPASSWD) and permanent port-forwarding rules (pfctl/iptables). While persistence is needed for editing /etc/hosts and port forwarding, NOPASSWD entries and kernel/network rule changes increase the blast radius of compromise and should be justified explicitly and reversible. The skill metadata does not request 'always: true', but the installation behavior itself grants elevated, persistent privileges on the host.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install rundev-local-dev - 安装完成后,直接呼叫该 Skill 的名称或使用
/rundev-local-dev触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of rundev-local-dev: a zero-config local dev environment manager.
- Single Rust binary replaces terminal tabs, nginx/Caddy configs, and manual SSL for local dev.
- Features automatic HTTPS local domains, SSL certificates, reverse proxy, and process management.
- Built-in TUI dashboard for starting/stopping services, log inspection, and real-time resource stats.
- Includes AI-powered crash diagnosis via Claude.
- Transparent installation script—no containers or virtualization, native macOS and Linux support.
元数据
常见问题
run.dev — Local Dev Environment Manager 是什么?
Local dev environment manager. Process management, automatic HTTPS domains, SSL certificates, reverse proxy, and AI crash diagnosis — single binary, zero con... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 220 次。
如何安装 run.dev — Local Dev Environment Manager?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install rundev-local-dev」即可一键安装,无需额外配置。
run.dev — Local Dev Environment Manager 是免费的吗?
是的,run.dev — Local Dev Environment Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
run.dev — Local Dev Environment Manager 支持哪些平台?
run.dev — Local Dev Environment Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 run.dev — Local Dev Environment Manager?
由 Daniel Tamas(@danieltamas)开发并维护,当前版本 v0.1.0。
推荐 Skills