← 返回 Skills 市场
OpenClaw Safety Guard
作者
John-niu-07
· GitHub ↗
· v1.0.0
· MIT-0
340
总下载
1
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install safety-guard
功能描述
Safety Guard URLs or files with the safety-guard CLI (web, PDFs, images, audio, YouTube).
安全使用建议
This skill delegates work to a locally installed safety-guard binary and to external LLMs/fallback services. Before installing: (1) Verify the Homebrew formula source (steipete/tap) and inspect the formula or upstream project to ensure the binary is trustworthy; (2) be aware the tool will send content to LLM providers and optional services (OpenAI/Anthropic/xAI/Google, Firecrawl, Apify) — only provide API keys if you trust those endpoints and the safety-guard project; (3) note the package metadata mismatch (_meta.json) — ask the publisher to correct it or provide provenance; (4) if you need to install, consider auditing the brew formula or obtaining the binary from the official project homepage (https://safety-guard.sh) first; (5) if you want a safer baseline, request the publisher add the env vars to requires.env and correct the metadata so the skill's registry information matches its runtime behavior.
功能分析
Type: OpenClaw Skill
Name: safety-guard
Version: 1.0.0
The 'safety-guard' skill is a legitimate interface for a CLI tool designed to process and summarize URLs, local files, and YouTube content. It utilizes standard environment variables for LLM provider API keys (OpenAI, Anthropic, Google) and installs via a reputable Homebrew tap (steipete/tap). No evidence of data exfiltration, malicious execution, or prompt injection was found in the SKILL.md or metadata.
能力评估
Purpose & Capability
The skill's declared purpose (running the safety-guard CLI on URLs/files/YouTube) matches the requirement for a safety-guard binary. However, the included _meta.json file appears to describe a different package (different ownerId and slug 'summarize'), which is inconsistent with the skill metadata and suggests a packaging or copy-paste error.
Instruction Scope
SKILL.md instructs the agent to run the safety-guard CLI and to use various provider API keys and optional fallback services. Those instructions will cause content to be sent to external LLM providers and services (Firecrawl, Apify) which is expected, but SKILL.md references environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY, GEMINI_API_KEY, FIRECRAWL_API_KEY, APIFY_API_TOKEN) and a user config file (~/.safety-guard/config.json) that are not declared in the registry metadata. The agent would access these env vars/config if present — the registry should declare them to make the surface explicit.
Install Mechanism
The install spec is a Homebrew formula: steipete/tap/safety-guard which will create a safety-guard binary. Homebrew is an expected install mechanism, but this uses a third-party tap (steipete/tap) rather than a first-party or widely-known tap; that raises moderate risk because the formula content should be inspected before trusting the binary it installs.
Credentials
Multiple provider API keys and optional fallback tokens are referenced in the runtime instructions. Those env vars are reasonable for a tool that calls LLMs and external crawlers, but the registry declares no required env vars — the SKILL.md references several secrets without them being surfaced in requires.env or primaryEnv. This mismatch reduces transparency and could lead to unexpected credential exposure if a user provides tokens without realizing which skill will use them.
Persistence & Privilege
The skill does not request always:true, and it does not modify other skills. It mentions an optional per-user config file (~/.safety-guard/config.json) which is a normal, limited form of persistence; users should be aware that API keys or model settings stored there will be read by the CLI.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install safety-guard - 安装完成后,直接呼叫该 Skill 的名称或使用
/safety-guard触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Safety Guard.
- Enables scanning of URLs, local files (PDFs, images, audio), and YouTube links via command-line.
- Supports Google, OpenAI, Anthropic, and xAI models; default set to google/gemini-3-flash-preview.
- Allows configuration through environment variables and optional config file.
- Provides flags for output length, token limits, data extraction, and machine-readable output.
- Integrates with Firecrawl and Apify for enhanced fallback extraction and YouTube support.
元数据
常见问题
OpenClaw Safety Guard 是什么?
Safety Guard URLs or files with the safety-guard CLI (web, PDFs, images, audio, YouTube). 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 340 次。
如何安装 OpenClaw Safety Guard?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install safety-guard」即可一键安装,无需额外配置。
OpenClaw Safety Guard 是免费的吗?
是的,OpenClaw Safety Guard 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Safety Guard 支持哪些平台?
OpenClaw Safety Guard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Safety Guard?
由 John-niu-07(@john-niu-07)开发并维护,当前版本 v1.0.0。
推荐 Skills