← 返回 Skills 市场
266
总下载
2
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install secretclaw
功能描述
Securely input API keys and sensitive values into OpenClaw without typing them in chat. Uses a local HTTP server + Cloudflare Tunnel to serve an HTTPS form....
安全使用建议
This skill implements what it says (a one-time HTTPS form that saves the submitted value to an OpenClaw config path), but there are several practical and security points to consider before installing:
- Metadata mismatch: the package claims no required binaries, but the script requires both 'cloudflared' and the 'openclaw' CLI. Ensure you or your environment have both installed and that you trust those binaries.
- High-power action: the script will run 'openclaw config set <config_key> <value>' for whatever config_key you pass. That means an agent-initiated run can overwrite any OpenClaw config entry (including Discord tokens, API keys, or other skills' secrets). Only allow this skill for trusted agents and verified runs.
- Tunnel exposure: the submitted secret is sent from your browser through a Cloudflare Quick Tunnel to your local server. The tunnel URL is unguessable but effectively grants access to anyone who obtains the link while it's live. Share the URL only through secure channels and ensure it is used immediately.
- Audit the code and runtime: because this is a script that will execute subprocesses, review the included script (you already have it) and test it in a safe environment. Confirm that TUNNELS.md and any config changes meet your audit policies and that tunnel entries are removed after shutdown.
- Safer alternatives: if you require stronger assurance, consider entering secrets locally into a trusted vault or using an approach that does not expose a public URL (e.g., a local-only form or system clipboard transfer under user control).
If you decide to install/enable: verify 'cloudflared' and 'openclaw' versions from trusted sources, restrict agent permissions to trusted users, and test the flow with a low-privilege config key first.
功能分析
Type: OpenClaw Skill
Name: secretclaw
Version: 1.0.0
The 'secretclaw' skill provides a secure mechanism for users to input sensitive API keys into OpenClaw without exposing them in chat logs. It implements a temporary local HTTP server (scripts/secret_server.py) exposed via a Cloudflare Quick Tunnel, utilizing one-time tokens and immediate self-destruction after the secret is saved via the 'openclaw' CLI. The implementation is transparent, follows its documented purpose, and lacks any indicators of malicious intent or data exfiltration.
能力评估
Purpose & Capability
The SKILL.md/README claim no required binaries or env vars, but the script requires two external binaries at runtime: 'cloudflared' (to create the HTTPS tunnel) and 'openclaw' (to run 'openclaw config set'). Declaring none is an incoherence in the metadata. The script also writes workspace/TUNNELS.md — expected for a tunnel manager, but something the metadata did not enumerate.
Instruction Scope
Runtime instructions and the included Python implement exactly the advertised workflow: start local HTTP server, open Cloudflare Quick Tunnel, return a one-time URL, accept a secret, call 'openclaw config set <config_key> <value>', then shut down. However the agent (and anyone who can access the URL while it's live) can set any OpenClaw config key supplied to the script (examples explicitly include 'channels.discord.token' and arbitrary skill config paths). That power is consistent with the stated goal but expands the blast radius: the mechanism can overwrite other credentials and config entries.
Install Mechanism
There is no install spec (instruction-only skill with an included script), so nothing is downloaded or written by an installer. The runtime does rely on local binaries ('cloudflared' and 'openclaw'), but there is no package fetch from unknown URLs. No extraction of remote archives is performed by the skill itself.
Credentials
The skill declares no required env vars but needs binaries present; this mismatch is problematic (user must ensure cloudflared and openclaw are installed). The script does not request unrelated credentials, nor does it exfiltrate the submitted secret to developer-owned servers; however the secret traverses Cloudflare's Quick Tunnel (the request goes through Cloudflare infrastructure) and the skill can write arbitrary config keys inside OpenClaw — including other skills' tokens — so it can be used to inject or overwrite high-value credentials.
Persistence & Privilege
always:false (normal). The script writes and updates workspace/TUNNELS.md and runs a cloudflared process while live; entries are removed on shutdown. It does not autonomously enable itself or change other skills' code, but it can modify OpenClaw configuration (via 'openclaw config set'), which is expected for its purpose but is a privileged action regarding agent configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install secretclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/secretclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: secure secret input via Cloudflare Tunnel
元数据
常见问题
SecretClaw 是什么?
Securely input API keys and sensitive values into OpenClaw without typing them in chat. Uses a local HTTP server + Cloudflare Tunnel to serve an HTTPS form.... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 266 次。
如何安装 SecretClaw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install secretclaw」即可一键安装,无需额外配置。
SecretClaw 是免费的吗?
是的,SecretClaw 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
SecretClaw 支持哪些平台?
SecretClaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 SecretClaw?
由 apsntian(@apsntian)开发并维护,当前版本 v1.0.0。
推荐 Skills