grittygrease

Safe Encryption

Author: Nick Sullivan · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
Total downloads: 698
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install safe-encryption-skill
Description
Encrypt, decrypt, and manage keys with the SAFE CLI — a modern GPG alternative with post-quantum support.
Security usage advice
This skill mostly does what it says (manage encryption via the SAFE CLI), but there are several red flags you should consider before installing or allowing the agent to act autonomously:
  1. The SKILL.md tells the agent to auto-install a prebuilt binary from https://thesafe.dev and move it into /usr/local/bin with sudo — don't allow that without manual review.
  2. The document references SAFE_PASSPHRASE and env-based automation, but the registry metadata lists no required envs — expect the skill to read environment variables if present.
  3. The skill instructs the agent to automatically try all keys in ~/.safe/keys/ for decryption and to perform cryptographic operations without confirmation — this could cause the agent to access many local secrets or decrypt files unintentionally.
  4. If you want to use this skill, install the SAFE binary yourself (and verify checksums/signatures), deny automatic installation, require explicit confirmation before any encrypt/decrypt action, and avoid letting the agent probe your key directory or environment variables.
If you prefer lower risk, use the browser-based alternative described and interact manually or via your own trusted browser automation with careful controls.
Functional analysis
Type: OpenClaw Skill
Name: safe-encryption-skill
Version: 0.1.0

The skill is classified as suspicious due to several high-risk behaviors and instructions to the AI agent. Most critically, the `SKILL.md` instructs the agent to automatically download and install a binary from `https://thesafe.dev` using `sudo` without user confirmation, posing a significant supply chain and privilege escalation risk. Furthermore, the skill directs the agent to use a tool (`safe`) that automatically discovers and attempts to use SSH private keys from `~/.ssh/`, granting access to highly sensitive credentials. The skill also explicitly instructs the agent to bypass user confirmation for both installation and encryption/decryption operations, reducing security safeguards.
Capability assessment
Purpose & Capability
The name/description (encrypt/decrypt/manage keys) aligns with the runtime instructions. However, the SKILL.md instructs aggressive behaviors that go beyond a passive helper: auto-installing a system binary (using sudo/mv), auto-generating and auto-storing keys in ~/.safe/, and 'Just do it. Don't ask for confirmation.' Those actions are plausible for a CLI helper but are higher-impact than the description implies.
Instruction Scope
Instructions tell the agent to (a) auto-install a binary from thesafe.dev without asking, (b) auto-generate keys and store them in ~/.safe/, and (c) for decryption, automatically try all keys in ~/.safe/keys/ if no key is specified. The skill also references using SAFE_PASSPHRASE and 'env:VARNAME' for automation although no envs are declared. Directives to auto-run cryptographic operations without user confirmation and to probe local key files are scope creep and sensitive.
Install Mechanism
Installation is via curl from https://thesafe.dev/downloads/... and a sudo mv into /usr/local/bin. This is a direct binary download from an external site (not a known package manager or signed release flow in the SKILL.md). The doc lists SHA‑256 checksums on the same domain (better than nothing) but no detached signature or independent verification is provided. Automatic, unattended curl|chmod|sudo moves are higher-risk.
Credentials
Registry metadata declares no required env vars, but SKILL.md mentions SAFE_PASSPHRASE and using -p env:VARNAME for automation. The skill will read or expect passphrases and local key files (~/.safe/...). Asking the agent to probe and try all local keys can expose many local secrets. The requested environment/credential access is not fully reflected in the declared requirements and is higher-sensitivity than the metadata suggests.
Persistence & Privilege
The skill is not marked always:true and does not request persistent platform privileges. However, the install instructions write a system-wide binary to /usr/local/bin (requires sudo), which is a system-level change. This is legitimate for a CLI but increases privilege impact and should be performed with user approval rather than automatically.
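How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install safe-encryption-skill
  3. Once installation is complete, invoke the Skill by name or trigger it with /safe-encryption-skill
  4. Provide the required inputs according to the Skill's parameter description to get structured output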
Version history
v0.1.0
Initial release of safe-encryption-skill — modern GPG alternative with post-quantum support.
  - Encrypt, decrypt, and manage keys using the SAFE CLI and web interface fallback.
  - Automatically installs `safe` binary on supported platforms or uses https://thesafe.dev if unavailable.
  - Guides interactive password entry, environment variable use, and recipient handling.
  - Provides browser automation ARIA labels for web UI integration.
  - Enforces secure defaults: absolute file paths, piped data, no temp files.
Metadata
Slug safe-encryption-skill
Version 0.1.0
License
Total installs 0
Current installs 0
Number of versions 1
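FAQ

What is Safe Encryption?

Encrypt, decrypt, and manage keys with the SAFE CLI — a modern GPG alternative with post-quantum support. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 698 total downloads to date.

How do I install Safe Encryption?

Run the command "/install safe-encryption-skill" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is Safe Encryption free?

Yes, Safe Encryption is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Safe Encryption support?

Safe Encryption runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Safe Encryption?

Developed and maintained by Nick Sullivan (@grittygrease); the current version is v0.1.0.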
