Safeclaw Proxy
Author: aceteam-ai · GitHub · v1.0.0 · MIT-0
Total downloads: 65
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw:
/install safeclaw-proxy
Description
Install and verify the SafeClaw safety proxy for OpenClaw and other OpenAI-compatible clients. Use when setting up a local or hosted SafeClaw proxy, routing...
Safe-use recommendations
This skill will attempt to make live changes: read your OpenClaw session and models.json, possibly read any OPENAI/ANTHROPIC keys present, pull/run a container from GHCR, and install Python packages. The metadata does not declare these requirements and the source/homepage are missing, so verify before proceeding. Recommended steps: (1) only allow the skill to run if you trust the SafeClaw image/package source; (2) back up ~/.openclaw and any gateway configs before permitting edits; (3) prefer to supply a hosted PROXY_URL yourself rather than letting the agent read local API keys; (4) review any proposed gateway config.patch or shell commands before execution and refuse elevated actions you don’t understand; (5) if unsure, run the commands manually or ask the agent to produce a safe-to-review script instead of performing edits autonomously.
Functional analysis
Type: OpenClaw Skill
Name: safeclaw-proxy
Version: 1.0.0
The safeclaw-proxy skill automates the installation of a safety proxy but includes high-risk instructions for the agent to escalate its own privileges by patching the OpenClaw configuration (tools.elevated.allowFrom) and enabling private network access. It also uses high-risk installation patterns like 'curl | sh' for the uv package manager and modifies shell profiles and agent configuration files (models.json). While these actions are consistent with the stated goal, the automated weakening of security boundaries and execution of remote artifacts (ghcr.io/aceteam-ai/aep-proxy) warrant a suspicious classification.
Capability tags
Capability assessment
Purpose & Capability
The skill's stated purpose (install and verify a SafeClaw proxy) reasonably explains needing to run containers, start a local process, and edit OpenClaw provider config. However, the SKILL.md implicitly expects access to local OpenClaw state (session_status, ~/.openclaw/agents/main/agent/models.json), container tooling, and optional API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY) while the skill metadata declares no required env vars, binaries, or install steps. The omission of these declarations is an incoherence that reduces transparency.
Instruction Scope
The runtime instructions explicitly tell the agent to read local config files, inspect session state, call gateway config.get/patch APIs, edit files directly, run privileged container commands (docker/podman) and potentially install Python packages. They also instruct the agent to pass through local API keys if present and to 'do the work yourself' rather than only guiding the user. Those actions go beyond passive guidance and grant the agent the ability to access secrets and modify system configuration — which is consistent with the task but not limited or declared, creating a risk.
Install Mechanism
There is no formal install spec (the skill is instruction-only), which minimizes on-disk write from the skill package itself. The instructions do recommend pulling a container (ghcr.io/aceteam-ai/aep-proxy:latest) and/or installing a pip package (aceteam-aep[all]). Pulling these artifacts is expected for installing a proxy, but the remote image and package origin cannot be verified from the metadata (source/homepage unknown). That increases trust-on-first-use risk.
Credentials
The SKILL.md references and may read or pass through environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY) and local OpenClaw files, but the skill declares no required env vars or credentials. The agent is instructed to only ask the user for secrets when it 'cannot read yourself', implying it will attempt to access local secrets autonomously. This mismatch is a privacy and credential-exposure concern.
Persistence & Privilege
The skill does not request permanent 'always' presence and does not declare modifications to other skills. It does instruct the agent to patch OpenClaw gateway config when available, which is within the scope of setting up a proxy. No explicit privilege escalation flag (like always:true) is set. Still, the agent can perform privileged operations during a session (editing configs, elevated exec), so the user should monitor and consent.
How to use
- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: /install safeclaw-proxy
- After installation, call the skill by name directly, or trigger it with /safeclaw-proxy
- Provide the required inputs according to the skill's parameter description to get structured output.
Version history
v1.0.0
**SafeClaw 1.0.0 — Major initial change focused on install/setup automation (not config checking):**
- Removed files and prior documentation related to config file security checking (README.md, example-config.json, minimal-config.json).
- Changed the skill’s purpose from non-invasive security compliance checking to end-to-end installation and verification of the SafeClaw safety proxy.
- New usage: Automates the setup of a local or hosted SafeClaw proxy, including traffic routing and verification steps for various OpenClaw/OpenAI-compatible client setups.
- Documentation now details automatic environment detection, minimal user prompting, direct config editing, and robust proxy launch and validation processes.
- No longer performs standalone config security checks; now focuses on making sure SafeClaw captures live traffic for dashboard analysis.
Metadata
FAQ
What is Safeclaw Proxy?
Install and verify the SafeClaw safety proxy for OpenClaw and other OpenAI-compatible clients. Use when setting up a local or hosted SafeClaw proxy, routing... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 65 downloads to date.
How do I install Safeclaw Proxy?
Run the command "/install safeclaw-proxy" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Safeclaw Proxy free?
Yes, Safeclaw Proxy is completely free and released under the MIT-0 license; it can be freely downloaded, installed and used.
Which platforms does Safeclaw Proxy support?
Safeclaw Proxy is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Safeclaw Proxy?
Developed and maintained by aceteam-ai (@aceteam-ai); the current version is v1.0.0.