← 返回 Skills 市场
87
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install safe-shell-execution-claude-code
功能描述
Perform layered safety checks on shell commands: detect injections, warn before destructive ops, protect sensitive paths, and require confirmations before ex...
安全使用建议
This skill is low-install-risk (instruction-only) and does aim to do something useful, but its rules are currently too blunt and ambiguous to trust without clarification. Before installing or relying on it: 1) Ask the author to justify and narrow any outright 'reject' rules (in particular the '${}'/parameter-expansion rejection) and to provide exact patterns or a proper shell parser approach rather than plain substring matches. 2) Request evidence for the provenance claim (what was copied from ~/.claude and why), or remove it. 3) Ask how confirmations are presented, logged, and how false positives are handled. 4) Test the rules in a safe sandbox to see how often benign commands are blocked and whether required confirmations are usable. If you cannot get clear answers or implementation details, treat the skill as brittle and avoid depending on it for production safety.
功能分析
Type: OpenClaw Skill
Name: safe-shell-execution-claude-code
Version: 1.0.0
The skill bundle provides a comprehensive set of safety instructions for AI agents to validate shell commands before execution. It implements layered security checks including shell injection detection (e.g., command substitution, Zsh-specific expansions), warnings for destructive operations (e.g., rm -rf, git reset), and protection for sensitive files (e.g., ~/.ssh, shell configs). The content in SKILL.md is purely defensive and aligns with its stated purpose of preventing accidental or malicious system damage.
能力评估
Purpose & Capability
The name/description match the SKILL.md: it's an instruction-only safety wrapper for shell execution. However the SKILL.md claims provenance from Claude Code and that internal files live in ~/.claude — a provenance claim that is unverifiable and unnecessary for the skill to function. That mismatch should be questioned but doesn't by itself break the purpose alignment.
Instruction Scope
The instructions are prescriptive but also technically overbroad and ambiguous. Examples: Layer 1 lists '${}' (parameter expansion) and other common shell constructs as patterns to 'reject directly' — this would block many benign, normal commands (e.g., echo ${HOME}, PATH manipulations). The guidance lacks a precise parsing strategy (how to detect writes vs reads, redirections, quoted expansions, or environment-variable-based paths), and does not specify exact regexes or a safe implementation approach. It also requires interactive confirmations but gives no guidance on how confirmations are surfaced/recorded. These make the instructions hard to implement correctly and could cause frequent false positives or surprising refusals.
Install Mechanism
Instruction-only skill with no install spec, no executable downloads, and no code files — minimal installation risk and nothing is written to disk by the skill itself.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The sensitive-path list is reasonable as items to protect, but the skill does not ask for access to them. The provenance claim about reading ~/.claude is uncorroborated and should be treated skeptically.
Persistence & Privilege
always is false and there is no install-time persistence requested. The skill can be invoked autonomously (platform default) which is expected for a runtime safety helper; that by itself is not a red flag. There is no request to modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install safe-shell-execution-claude-code - 安装完成后,直接呼叫该 Skill 的名称或使用
/safe-shell-execution-claude-code触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of safe-shell-execution skill extracted from Claude Code production security patterns.
- Adds multi-layered safety for any shell execution request: detects injections, warns on destructive ops, and protects sensitive files.
- Detects and blocks command substitution, Zsh-specific attack surfaces, and other injection patterns before execution.
- Displays explicit warnings and requires confirmation for destructive git and filesystem operations.
- Enforces confirmation for write access to shell configs, credentials, or system-critical files.
- Provides clear classification and handling of commands (safe, caution, warning, reject) with step-by-step flow.
- Rejects unsafe commands with detailed reasons for user clarity.
元数据
常见问题
safe-shell-execution-claude-code 是什么?
Perform layered safety checks on shell commands: detect injections, warn before destructive ops, protect sensitive paths, and require confirmations before ex... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 87 次。
如何安装 safe-shell-execution-claude-code?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install safe-shell-execution-claude-code」即可一键安装,无需额外配置。
safe-shell-execution-claude-code 是免费的吗?
是的,safe-shell-execution-claude-code 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
safe-shell-execution-claude-code 支持哪些平台?
safe-shell-execution-claude-code 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 safe-shell-execution-claude-code?
由 lizlzzzz(@lizlzzzz)开发并维护,当前版本 v1.0.0。
推荐 Skills