john-niu-07

Test Safety

Author: John-niu-07 · GitHub · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 248
Favorites: 1
Current installs: 0
Versions: 1
Install in OpenClaw
/install safety-guard-skill-xidian
Description
Security guard skill for OpenClaw - Analyzes user input for harmful content, risky commands, and security threats before invoking LLM
Safe usage advice
Do not install or provide API keys yet. Steps to take before trusting this skill:
  1. Inspect the referenced GitHub repo and confirm the CLI or Python code actually exists and matches this SKILL.md.
  2. Verify author/owner identity (the registry metadata and _meta.json disagree on slug/owner/version).
  3. If you plan to use it, run it in a sandboxed environment (no real API keys) and monitor network calls to see what endpoints it contacts.
  4. Confirm what files it will read/write (it mentions ~/.safety-guard/config.json) and that it won't exfiltrate sensitive data.
  5. Prefer least-privilege API keys (scoped, revocable) and rotate them after testing.
If you can't find source code that implements the CLI behavior described, treat the skill as incomplete/untrustworthy.
Functional analysis
Type: OpenClaw Skill
Name: safety-guard-skill-xidian
Version: 1.0.2
The skill bundle contains metadata and documentation for a 'Safety Guard' tool designed to analyze user input for security threats. The files (_meta.json and SKILL.md) describe standard functionality, including dependency installation (PyYAML) and the use of environment variables for LLM API keys. While the documentation references non-existent future models (e.g., GPT-5.2, Gemini-3) and includes a Rickroll URL (dQw4w9WgXcQ) in its examples, there is no evidence of malicious code, data exfiltration, or prompt injection attacks within the provided content.
Capability assessment
Purpose & Capability
The skill claims to analyze input for harmful content and references LLM provider API keys (OpenAI, Anthropic, xAI, Google). Those requirements are proportionate to a safety-guard skill. However, the skill is instruction-only (no code provided) yet shows CLI usage examples for a 'safety-guard' binary that is not included — unclear how runtime behavior is supplied, which reduces confidence in capability claims.
Instruction Scope
SKILL.md describes fetching content from URLs, local files, and YouTube and references optional external services (FIRECRAWL, APIFY). Those actions are plausible for content-extraction and safety checks, but the file also references a user config path (~/.safety-guard/config.json) that isn't declared in the registry metadata. Because the skill can instruct fetching external resources and reading/writing a local config, you should verify exactly what code will run and what data will be read or transmitted before use.
Install Mechanism
Registry metadata at the top-level reported 'No install spec', yet SKILL.md includes embedded metadata that lists a pip install step for PyYAML and requires python3. Additionally, the included _meta.json file does not match the registry metadata (different slug/owner/version). These inconsistencies suggest packaging or provenance problems — either the skill is incomplete (instruction-only but references an external CLI not supplied) or files were copied/mislabelled. That mismatch increases risk because you can't verify what will be installed/run.
Credentials
The skill does not declare any required environment variables and only suggests standard LLM provider API keys and optional API tokens for content-extraction services. Those are proportionate for a safety-guard that needs to call LLMs and optional crawlers. No unrelated credentials (cloud keys, SSH keys, etc.) are requested.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request persistent privileges in the metadata. It mentions an optional local config path (~/.safety-guard/config.json) which would be typical for a CLI tool, but the presence of that path in SKILL.md without being declared is a packaging inconsistency to verify.
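How to use
  1. Make sure OpenClaw is installed (local or Docker deployment).
  2. Enter the install command in the chat box: /install safety-guard-skill-xidian
  3. Once installation completes, call the Skill by name or trigger it with /safety-guard-skill-xidian
  4. Provide the required input according to the Skill's parameter description to get structured output.
Version history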
v1.0.2
- Improved documentation and usage instructions in SKILL.md
- Added details about supported models, API keys, and configuration options
- Clarified optional flags and fallback services for enhanced usability and flexibility
Metadata
Slug: safety-guard-skill-xidian
Version: 1.0.2
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 1
FAQ

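What is Test Safety?

Security guard skill for OpenClaw - Analyzes user input for harmful content, risky commands, and security threats before invoking LLM. It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 248 times in total so far.

How do I install Test Safety?

Run the command "/install safety-guard-skill-xidian" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.

Is Test Safety free?

Yes, Test Safety is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does Test Safety support?

Test Safety runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Test Safety?

It is developed and maintained by John-niu-07 (@john-niu-07); the current version is v1.0.2.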
