← 返回 Skills 市场
103
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install setup-validator
功能描述
Validate OpenClaw installation safety by checking for common security misconfigurations and setup issues. Use this skill during initial setup, periodic heart...
安全使用建议
This skill appears to do what it claims: local checks of ~/.openclaw, plugin manifests, sandbox config, and dependency versions. Before installing or scheduling it to run periodically, review and consider: (1) run the scripts as an unprivileged user (do not run as root) so checks cannot accidentally change system state; (2) the cron suggestion runs the validator regularly — ensure you want automated periodic checks and log retention; (3) npm/openclaw calls may reach the network to check versions, so run in an environment where that is acceptable; (4) confirm file ownership/permissions of the scripts after installation (the SKILL.md suggests chmod) so only authorized users can modify them. If you need extra assurance, inspect the included Python files locally — they are small and readable and contain no hidden network endpoints or credential exfiltration.
能力评估
Purpose & Capability
The name/description match the behavior: scripts examine ~/.openclaw (config and plugins), check sandbox settings, and verify versions via npm/openclaw. No unrelated credentials, services, or binaries are required beyond the optional use of npm/openclaw which the code already checks for.
Instruction Scope
SKILL.md directs the agent to run local Python scripts, make them executable, and optionally schedule via cron. The scripts only read OpenClaw-related paths (~/.openclaw/*), inspect manifests, and call npm/openclaw for version checks — all within the stated validator purpose. No instructions attempt to read unrelated system files or exfiltrate data.
Install Mechanism
There is no install spec; the skill is instruction-plus-local-scripts only. All included files are plain Python and markdown; there are no downloads or archive extraction steps that would introduce high-risk arbitrary code fetches.
Credentials
The skill declares no environment variables or credentials and the code does not require any secrets. It calls external commands (npm/openclaw) if available, and optionally imports PyYAML if present — these are reasonable for dependency/version and config parsing checks.
Persistence & Privilege
always is false and the skill does not try to modify other skills or system-wide agent configuration. It suggests user-managed cron scheduling; that is a user action rather than forced persistence by the skill itself.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install setup-validator - 安装完成后,直接呼叫该 Skill 的名称或使用
/setup-validator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: use openclaw.plugin.json manifest, npm for version check, proper semver comparison
v1.0.0
Initial release: security validator for OpenClaw installations. Checks permissions, plugins, sandboxing, dependencies. Provides actionable warnings with fixes.
元数据
常见问题
Setup Validator 是什么?
Validate OpenClaw installation safety by checking for common security misconfigurations and setup issues. Use this skill during initial setup, periodic heart... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 103 次。
如何安装 Setup Validator?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install setup-validator」即可一键安装,无需额外配置。
Setup Validator 是免费的吗?
是的,Setup Validator 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Setup Validator 支持哪些平台?
Setup Validator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Setup Validator?
由 MarcusY2k(@marcusy2k)开发并维护,当前版本 v1.0.1。
推荐 Skills