nhadaututtheky

Rune

Author: NGUYEN VIET NAM · GitHub ↗ · v2.15.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 452
Favorites: 0
Current installs: 1
Versions: 15
Install in OpenClaw
/install rune-kit
Description
Performs adversarial red-team analysis on approved plans to identify edge cases, security risks, scalability issues, error paths, and integration risks befor...
Security usage recommendations
What to check before installing:
- Confirm source/trust: The SKILL.md points to a GitHub repo and docs site, but the registry entry lists 'Source: unknown' and no homepage. Verify the upstream repository and maintainer identity (open the repo URL, inspect commit history, stars, and releases). Do not install unless you trust the publisher.
- Inspect code files: The bundle includes src/index.ts and multiple scripts. If possible, open and grep for network calls, hardcoded endpoints, command execution (child_process/exec), or references to tokens. Search for 'curl', 'gh api', 'fetch(', 'axios', 'exec(', 'spawn(', 'process.env.' and review what would be transmitted externally.
- Prompt injection artifacts: SKILL.md contains patterns that could try to override agent/system prompts. Manually review the raw skill docs for any instructions that attempt to change system-level behavior or tell the agent to ignore prior system instructions.
- Secrets & tokens: Although no env vars are declared, several workflows reference GitHub API usage and other external integrations that will require tokens (GITHUB_TOKEN, service API keys). Do not supply repository or organization-level tokens to the skill unless you understand and accept the exact scope of operations. Prefer granting minimal-scope tokens and run initial scans in a throwaway/test repo.
- File writes: The skill will read and write files under the repo (e.g., .rune/, assets/, AUDIT-REPORT.md). If you install in a sensitive repo, review writes first or run in a clone. Consider enabling version control hooks or running the skill in a sandboxed branch.
- Least privilege: If you must use it, run the skill with least privilege (no org-scoped tokens, restrict network access if your environment supports it) and monitor outbound traffic.
- Ask for provenance: If you want to proceed, request the author/homepage (the SKILL.md references github.com/rune-kit/rune and docs — verify those links resolve to the same code bundle).
If you cannot verify the upstream repo and release, treat the package as untrusted. If you want, I can (1) list the specific files/lines that call external APIs or run shell commands, (2) search the code for any occurrences of 'process.env', 'GITHUB_TOKEN', 'curl', or exec, or (3) extract the raw SKILL.md and highlight the exact prompt-injection snippets for manual review.
Functional analysis
Type: OpenClaw Skill
Name: rune-kit
Version: 2.15.0
The Rune skill bundle is a highly sophisticated and well-documented framework for AI-assisted development, implementing a mesh of 63 specialized skills. It features robust defensive mechanisms, including 'sentinel' for security gating, 'hallucination-guard' to prevent AI-generated import errors, and a dedicated 'integrity-check' skill (in skills/rune-integrity-check.md) designed to detect indirect prompt injection and memory poisoning in persisted state files. The architecture emphasizes process discipline through a 'skill-router' (in src/index.ts) and includes explicit risk disclosures for high-risk operations, such as the use of unofficial APIs in the Zalo extension. All high-privilege capabilities, such as file system access and command execution, are strictly aligned with the framework's stated purpose of providing a reliable, multi-session development environment.
Capability tags
crypto · requires-wallet · can-make-purchases · requires-oauth-token · requires-sensitive-credentials
Capability assessment
Purpose & Capability
The skill metadata/descriptions highlight the 'adversary' red‑team function, but the published bundle is a full 63‑skill mesh (router, orchestrators, utilities, extension packs) covering diverse functionality (audit, autopsy, asset-creator, CI checks, etc.). That broad scope is coherent for a 'mesh' product but is inconsistent with the short description you provided if you expected a single-purpose red-team helper. Nothing in the package requests unrelated cloud credentials up front, but the mesh clearly intends to perform repository scanning, file reads/writes, and external API calls (e.g., GitHub API) that are beyond a narrow 'adversary-only' tool.
Instruction Scope
The SKILL.md and included skill documents instruct the agent to read many project files, run grep/gh/curl commands, write files into project dirs (e.g., .rune/, assets/), and call other internal skills. Those behaviors are expected for a project-auditing mesh, but the runtime docs contain detected prompt-injection strings (e.g., 'ignore-previous-instructions', 'system-prompt-override', unicode control characters). Prompt‑injection patterns in the skill guidance can be abused to try to override host policy or evaluation context; this is an unusual and risky artifact that should be examined. Also several steps suggest calling GitHub APIs or running CLI tools that may require secrets (GITHUB_TOKEN) even though no env vars are declared.
Install Mechanism
There is no install spec (instruction-only), which is lower risk than remote downloads. However, the bundle contains multiple code files (src/index.ts and JS scripts). The lack of an install spec plus presence of runnable source is a mild inconsistency: reviewers should confirm how/where this code will execute on the platform. No external downloads or URL-based installers were declared.
Credentials
Registry metadata declares no required environment variables or primary credential. Yet the instructions reference operations that commonly need credentials (e.g., GH API via gh or curl using GITHUB_TOKEN, possibly outbound calls to other services). The absence of declared env requirements is not necessarily malicious, but it is a discrepancy you should expect to encounter when the skill is used (it may prompt for tokens at runtime).
Persistence & Privilege
The package does not request 'always: true' and leaves autonomous invocation enabled (default). It instructs writing to project-local directories (e.g., .rune/, assets/) which is consistent with its purpose. No evidence it modifies other skills' configs or requests system-wide persistent privileges.
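How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install rune-kit
  3. Once installation completes, call the Skill by name or trigger it with /rune-kit
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history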
v2.15.0
• feat(v2.15.0): Second Opinion + Cross-Provider + Routing Clarity
v2.14.0
• chore(release): sync version + skill count across docs/index.html, ROADMAP, README, marketplace.json for v2.14.0
• feat(v2.14.0): Deep Modules — improve-architecture skill + 5 mesh hardening
• fix(plugin): move marketplace description to root + add schema ref
• feat(ba): logic-consistency check + artifact triad (v0.8.0)
• fix(ci): biome lint auto-format for openclaw-adapter tests
v2.13.0
• feat(v2.13.0): Script Contract + @rune-pro/media pack
• chore: remove GitNexus references from config
• docs: refresh VISION for v2.12 runtime discipline + retroactive Apr-02 wave entry
• docs(skills): add 'Use when...' clauses to 7 ambiguous-name skills
• docs: add getting-started, skill index, signals, troubleshooting + templates
• fix(ci): fix ClawHub publish and GitHub Release re-run
v2.12.3
- Added new "graft" skill, expanding the mesh to 62 skills and 215+ connections.
- Introduced onboard and session bridge scripts for enhanced automation and invariants handling.
- Updated architecture and documentation to reflect the new skill and increased connections.
- General improvements and maintenance across multiple existing skills and extension packs.
v2.10.0
v2.10.0 — graft skill (port features from external repos), Feature Map system (plan v1.4.0), 23 active mesh signals, 62 skills, 215+ connections
v2.8.0
Anti-Loop Intelligence — 7 skills enriched with loop detection, saturation analysis, error pattern matching, artifact folding, budget-aware progression
v2.7.0
Deep Knowledge release — 8 core skills enriched with battle-tested patterns, Pro packs deep enrichment v1.2.0
v2.4.0
Scripts bundling: compiler copies scripts/ dirs, resolves {scripts_dir} placeholder. New slides skill (L3) with build-deck.js demo. 60 skills, 530 tests.
v2.3.1
feat: /rune list discovery command + L4 extension auto-suggest in skill-router
v2.3.0
v2.3.0: context-pack L3 skill, output contracts on all L1-L2 skills, terminal guardrails
v2.2.6
v2.2.6: +retro skill, gstack enrichments (WTF self-regulation, completeness scoring, scope lock, destructive command guard), clean listing page
v2.2.4
v2.2.4: Workflow Registry 4-view (plan), NEXUS Handoff Templates (team/cook), wave-based execution, 4-layer test methodology. From agency-agents, CLI-Anything, GSD.
v2.2.3
v2.2.3: Enriched test/debug/skill-forge/security from superpowers (89k★). CI doctor fix.
v2.2.2
58 skills, 200+ mesh connections, 14 extension packs. UI/UX Pro Max integration.
v1.0.0
Initial release of the rune-kit "adversary" skill for pre-implementation plan analysis.
- Introduces an adversarial skill that stress-tests approved plans across 5 dimensions: edge cases, security, scalability, error propagation, and integration risk.
- Ensures every plan is challenged with at least one specific attack vector per dimension, with findings referenced to specific plan sections.
- Integrates with other Rune skills for specialized analysis (security, scalability, integration).
- Automates triggering based on plan document creation and is callable via direct invocation or from other skills (e.g., during task decomposition).
- Designed to catch plan flaws before code is written, improving workflow resilience.
Metadata
Slug rune-kit
Version 2.15.0
License MIT-0
Total installs 1
Current installs 1
Number of historical versions 15
FAQ

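What is Rune?

Performs adversarial red-team analysis on approved plans to identify edge cases, security risks, scalability issues, error paths, and integration risks befor... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 452 total downloads so far.

How do I install Rune?

Run the command "/install rune-kit" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.

Is Rune free?

Yes, Rune is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does Rune support?

Rune runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Rune?

Developed and maintained by NGUYEN VIET NAM (@nhadaututtheky); the current version is v2.15.0.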
