← 返回 Skills 市场
Shoofly Advanced
作者
wow-leeroy-jenkins05
· GitHub ↗
· v1.3.0
· MIT-0
123
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install shoofly-advanced
功能描述
Pre-execution security layer for AI agents. Intercepts and blocks dangerous tool calls before they fire -- not detected after. Works with OpenClaw and Claude...
安全使用建议
This skill is instruction-only but expects a local binary and helper scripts under ~/.shoofly that it does not provide or document. Do not install or place any executable at ~/.shoofly/bin/shoofly-check unless you can verify its source and checksum. Ask the publisher for: (1) a homepage or repository, (2) installation instructions or signed binaries, and (3) the actual shoofly-check and shoofly-notify code for audit. If you plan to use it, run the binary in a sandbox or VM first, inspect ~/.shoofly/config.json contents it expects, and review what notification endpoints (127.0.0.1:18789, Telegram/WhatsApp hooks) will be invoked. The SKILL.md contains coercive wording and fail-open behavior; consider whether 'fail-open' is acceptable for your threat model. If you cannot obtain verifiable provenance for the binary, treat this skill as untrusted.
功能分析
Type: OpenClaw Skill
Name: shoofly-advanced
Version: 1.3.0
The 'shoofly-advanced' skill bundle implements a security interception layer that requires the AI agent to pass all tool names and arguments to external binaries (~/.shoofly/bin/shoofly-check) before execution. While its stated purpose is to prevent threats like prompt injection and data exfiltration, this architecture creates a high-risk interception point for all agent activity and relies on unverified local binaries and network-based notification channels (e.g., http://127.0.0.1:18789/chat). The lack of the actual check logic within the bundle makes the broad data access and execution requirements inherently risky.
能力评估
Purpose & Capability
The name/description claim a pre-execution security layer, which matches the runtime instructions. However the SKILL.md mandates running a binary (~/.shoofly/bin/shoofly-check) and helper scripts (shoofly-notify) that are not provided, not documented in an install spec, and not listed as required binaries. The skill also references a per-user config and log paths but declares no required config paths. Requiring an external, unsigned local binary without providing installation or provenance information is disproportionate to a purely instruction-only skill and reduces trust.
Instruction Scope
Instructions explicitly require the agent to run a local executable before every tool call, read ~/.shoofly/config.json, append to ~/.shoofly/logs/alerts.log, and use notification channels (including posting to 127.0.0.1:18789 and invoking shoofly-notify). The doc also contains coercive language ('This check is non-negotiable') and prescriptive fail-open behavior (proceed if the check is missing/times out). While these actions are within the stated purpose, telling the agent to execute an arbitrary home-directory binary (not supplied) and to perform reads/writes to user filesystem and network endpoints is high-impact and should be justified with source/install provenance.
Install Mechanism
There is no install specification and no code files — lowest installer risk. But that creates a practical problem: the runtime assumes binaries and helper scripts exist under ~/.shoofly. Because no install or trusted release URL is provided, the skill either expects a manual, out-of-band install or a preexisting third-party component. Asking agents to invoke a non-provided binary is a deployment/integrity gap and increases risk if the user later installs an untrusted binary to satisfy the skill.
Credentials
The skill declares no required environment variables (good), yet its checks and detection rules explicitly target highly sensitive files and credential patterns (e.g., ~/.ssh, ~/.aws/credentials, OpenAI/GH/AWS key regexes). The SKILL.md also instructs writing to ~/.shoofly/logs and reading ~/.shoofly/config.json, but the metadata declared no required config paths. The mismatch between declared requirements and actual file/credential access in the instructions is disproportionate and unexplained.
Persistence & Privilege
always:false and default autonomous invocation are acceptable. The skill asks to write logs and read config under ~/.shoofly, which grants it persistent storage under the user's home if the user installs the binary — that is reasonable for a local security wrapper, but because the skill does not provide or validate that component, the persistence surface is unclear. There is no evidence it modifies other skills or system-wide config beyond its own ~/.shoofly directory.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install shoofly-advanced - 安装完成后,直接呼叫该 Skill 的名称或使用
/shoofly-advanced触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
v2: Claude Code runtime support — PreToolUse hook, install-claude-code-advanced.sh, same threat policy as OpenClaw
v1.2.5
Repositioned as tool call interceptor — 'blocked, not detected' framing, Why Advanced section, updated description for vector search discoverability
v1.2.4
Initial ClawHub listing — pre-execution threat blocking, daemon + hook architecture
元数据
常见问题
Shoofly Advanced 是什么?
Pre-execution security layer for AI agents. Intercepts and blocks dangerous tool calls before they fire -- not detected after. Works with OpenClaw and Claude... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 123 次。
如何安装 Shoofly Advanced?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install shoofly-advanced」即可一键安装,无需额外配置。
Shoofly Advanced 是免费的吗?
是的,Shoofly Advanced 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Shoofly Advanced 支持哪些平台?
Shoofly Advanced 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Shoofly Advanced?
由 wow-leeroy-jenkins05(@wow-leeroy-jenkins05)开发并维护,当前版本 v1.3.0。
推荐 Skills