← 返回 Skills 市场
Secure Workspace
作者
asistentegordito
· GitHub ↗
· v1.0.1
· MIT-0
38
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install secure-workspace
功能描述
Cifra API keys, tokens y contraseñas con age para proteger secrets del workspace.
使用说明 (SKILL.md)
Secure Workspace
Cifra secrets con age para protegerlos en repositorios y backups.
Uso
# 1. Generar par de llaves (si no existe)
bash scripts/secure/setup.sh
# 2. Cifrar un secreto
echo 'export API_KEY="..."' | bash scripts/secure/encrypt.sh scripts/secure/secrets.env.age
# 3. Descifrar al vuelo
source \x3C(bash scripts/secure/decrypt.sh scripts/secure/secrets.env.age)
Archivos
| Archivo | Función |
|---|---|
scripts/secure/encrypt.sh |
Cifra stdin → .age |
scripts/secure/decrypt.sh |
Descifra .age → stdout |
scripts/secure/setup.sh |
Genera par de llaves |
Requisitos
age(apt install age / brew install age)
Nota
La clave privada está en /root/.age/key.txt. No se sube al repo.
安全使用建议
Install only if you want a simple local age-based workflow for workspace secrets. Run setup first, verify which key path the helpers use, protect the private key carefully, and avoid sourcing decrypted secrets in shared shells, logs, CI steps, or sessions that will run untrusted commands.
能力标签
能力评估
Purpose & Capability
The skill purpose is to protect API keys, tokens, and passwords with age; the artifacts only document and provide setup, encrypt, and decrypt shell helpers for that workflow.
Instruction Scope
The documented `source <(...)` usage intentionally loads decrypted secrets into the current shell environment, which is purpose-aligned but leaves secrets available to later shell commands until cleared.
Install Mechanism
The setup script creates `$HOME/.age/key.txt`, sets the directory to 700, and rewrites the helper scripts to use the home-directory key; this is disclosed behavior, though mutating shipped helper scripts is worth noticing.
Credentials
The packaged helpers initially hard-code `/root/.age/key.txt`, while setup rewrites them to `$HOME/.age/key.txt`; this is a portability and scoping caution, not evidence of hidden or unrelated behavior.
Persistence & Privilege
The skill persists a local age private key for future decryptions, which is expected for the stated purpose; no background process, privilege escalation, destructive action, or exfiltration path was found.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install secure-workspace - 安装完成后,直接呼叫该 Skill 的名称或使用
/secure-workspace触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: standalone skill directory, only ships SKILL.md + encrypt/decrypt/setup scripts. Removed 102 unnecessary workspace files that triggered ClawScan false positive.
元数据
常见问题
Secure Workspace 是什么?
Cifra API keys, tokens y contraseñas con age para proteger secrets del workspace. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 38 次。
如何安装 Secure Workspace?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install secure-workspace」即可一键安装,无需额外配置。
Secure Workspace 是免费的吗?
是的,Secure Workspace 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Secure Workspace 支持哪些平台?
Secure Workspace 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Secure Workspace?
由 asistentegordito(@asistentegordito)开发并维护,当前版本 v1.0.1。
推荐 Skills