← 返回 Skills 市场
477
总下载
1
收藏
4
当前安装
1
版本数
在 OpenClaw 中安装
/install safe-config-workflow
功能描述
安全修改 OpenClaw 配置,先查文档和验证,确认后自动修复并反馈,记录教训,确保 Gateway 正常运行。
安全使用建议
This skill appears coherent and focused on safely editing OpenClaw configuration, but before installing: 1) Ensure the agent integration actually requires and enforces explicit user confirmation before running 'openclaw doctor --fix' (or run doctor without --fix to preview changes). 2) Keep backups (the SKILL.md already recommends this). 3) Review diffs produced by the skill before accepting changes. 4) Be careful when recording lessons to MEMORY.md — redact any secrets or tokens from saved notes. 5) If you are uncomfortable with automatic fixes, run the diagnostic steps manually or ask the agent to output a proposed patch instead of applying it automatically.
功能分析
Type: OpenClaw Skill
Name: safe-config-workflow
Version: 1.0.0
The skill bundle is designed for a legitimate administrative purpose (safe configuration workflow) and includes instructions emphasizing safety and user confirmation. However, the `SKILL.md` instructs the AI agent to perform direct file modifications (e.g., `nano ~/.openclaw/openclaw.json` for manual fixes) and execute shell commands with pipelines (e.g., `openclaw doctor --fix 2>&1 | grep -E ...`). While these capabilities are necessary for the skill's stated function, they represent significant control over the system's configuration and command execution. This poses a vulnerability risk (e.g., via prompt injection against the agent) due to the powerful capabilities granted, even though there is no evidence of malicious intent within the skill bundle itself.
能力评估
Purpose & Capability
Name/description match the actions in SKILL.md: it operates on ~/.openclaw/openclaw.json, uses the openclaw CLI (doctor, gateway, logs), and documents fixes. No unrelated environment variables, binaries, or install steps are requested.
Instruction Scope
Runtime instructions stay within the declared purpose (checking, auto-fixing, diffing, backing up, logging lessons). The flow requires explicit user confirmation before running 'openclaw doctor --fix', but the SKILL.md relies on procedural discipline rather than an enforced guard — confirm that any integration actually prompts the user. Also note MEMORY.md may end up storing configuration values; sensitive secrets should be redacted before recording.
Install Mechanism
Instruction-only skill with no install spec or downloaded artifacts. This is the lowest-risk install footprint.
Credentials
No environment variables, credentials, or external endpoints are requested. Actions are limited to local config paths (~/.openclaw/*) which are appropriate for a config-management skill.
Persistence & Privilege
always is false and model invocation is normal. The skill suggests writing its own MEMORY.md but does not request modifying other skills or system-wide settings. No elevated persistence is requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install safe-config-workflow - 安装完成后,直接呼叫该 Skill 的名称或使用
/safe-config-workflow触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
初始版本:安全的配置修改流程,包含 doctor --fix 兜底、热重载验证、双重保险机制
元数据
常见问题
安全配置流程 是什么?
安全修改 OpenClaw 配置,先查文档和验证,确认后自动修复并反馈,记录教训,确保 Gateway 正常运行。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 477 次。
如何安装 安全配置流程?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install safe-config-workflow」即可一键安装,无需额外配置。
安全配置流程 是免费的吗?
是的,安全配置流程 完全免费(开源免费),可自由下载、安装和使用。
安全配置流程 支持哪些平台?
安全配置流程 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 安全配置流程?
由 nicoxia(@nicoxia)开发并维护,当前版本 v1.0.0。
推荐 Skills