wuyunting555

Skill Install Guard|技能安装守门员

Author: 文武贝 · GitHub ↗ · v0.4.3 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 117
Favorites: 0
Current installs: 0
Versions: 8
Install in OpenClaw
/install shrimp-skill-install-guard
Description
Performs a five-step guarded skill install with checks for existence, local state, risk, execution, and post-install verification.
Safe usage recommendations
This package is largely what it says: a local vetter that enumerates files, fetches source metadata, reports red flags, and optionally runs a supplied install command. Before you run it: (1) review scripts/skill-install-guard.py yourself for any surprising behavior (notably it references /home/baiwan/.openclaw/workspace-assistant-shrimp — an unexplained hard-coded path); (2) run in dry-run mode (--dry-run or --stop-before-install) first and inspect the JSON report; (3) never pass unreviewed install commands — the tool will execute the exact command you provide (it disallows shell operators but can still run any binary); (4) run it in an isolated environment if you are concerned about local data exposure; and (5) if you need higher assurance, ask the author why the hard-coded workspace path is present or modify the script to use only explicit, documented local roots.
Functional analysis
Type: OpenClaw Skill
Name: shrimp-skill-install-guard
Version: 0.4.3
The skill bundle provides a security-focused installation workflow that performs static analysis and risk assessment on other skills. The core script, `scripts/skill-install-guard.py`, uses regex-based rules to scan for sensitive data access, credentials, and dangerous code patterns (e.g., searching for `~/.ssh`, `eval`, or OpenClaw-specific files like `SOUL.md`). While the tool is designed for defense and includes security features like shell-injection mitigation in its command execution logic, it possesses high-risk capabilities such as executing arbitrary commands via the `--install-cmd` argument and performing network requests to GitHub and ClawHub APIs. These capabilities are necessary for its stated purpose but meet the threshold for a suspicious classification due to the inherent risk of the provided functionality.
Capability assessment
Purpose & Capability
Name/description claim a pre-install vetting flow and the included Python script implements source checks, file enumeration/review, risk scoring, and an optional guarded install — these requirements align with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to enumerate and (for readable text files) read all files in the target skill and optionally run an install command. That stays within the stated vetting scope. Note: the code will also attempt source metadata fetches (network calls) and searches across configured local roots, which is expected for a vetter but should be noted by operators.
Install Mechanism
There is no external install spec; the skill is instruction-plus-scripts (script files are included). No downloads or archive extraction are performed by an installer spec. This is the lowest install-mechanism risk category for a vetter tool.
Credentials
The skill declares no required env vars or credentials, which fits. However the code contains a hard-coded WORKSPACE_ROOT = /home/baiwan/.openclaw/workspace-assistant-shrimp and DEFAULT_LOCAL_ROOTS that will cause it to look in that absolute path and other local skill directories; this embedded path is unexplained and could cause unintended local data collection on systems where that path exists. The script also performs network fetches to gather source metadata and will flag credential-like strings in scanned files (expected for a vetter).
Persistence & Privilege
The skill is not always:true and does not request system-wide configuration changes itself. It can run an operator-supplied install command (run with run_install_command), but that execution is explicitly constrained to direct executable invocations (no shell operators). The ability to run arbitrary install commands is necessary for its purpose but is a potential operational risk if the operator supplies a malicious command.
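How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install shrimp-skill-install-guard
  3. Once installation completes, invoke the Skill by name or trigger it with /shrimp-skill-install-guard
  4. Provide the required inputs per the Skill's parameter documentation to get structured output
Version history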
v0.4.3
fix: remove shell execution path in installer and reduce false-positive security flags
v0.4.2
docs: rewrite public-facing copy to focus on user value and remove implementation details
v0.4.1
Rewrite public-facing copy: remove internal implementation/source-mapping language; focus on capabilities, audience, and outcomes.
v0.4.0
fully inlined 1:1 vetter parity: source reputation fields, ALL-files accounting, original report template mapping, and Trust Hierarchy landed in code/report
v0.3.0
inline built-in vetter policy; no external vetter dependency for key checks
v0.2.1
docs: polish the ClawHub Chinese-language listing copy; add positioning, comparison, and target audience
v0.2.0
Upgrade to automated installer guard with executable script, explicit risk-review fallback, and docs refresh
v0.1.0
Initial release: five-step guarded skill install workflow with helper script.
Metadata
Slug shrimp-skill-install-guard
Version 0.4.3
License MIT-0
Total installs 0
Current installs 0
Historical versions 8
FAQ

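What is Skill Install Guard|技能安装守门员?

Performs a five-step guarded skill install with checks for existence, local state, risk, execution, and post-install verification. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 117 total downloads to date.

How do I install Skill Install Guard|技能安装守门员?

Run the command "/install shrimp-skill-install-guard" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Skill Install Guard|技能安装守门员 free?

Yes. Skill Install Guard|技能安装守门员 is completely free, released under the MIT-0 license, and can be freely downloaded, installed, and used.

Which platforms does Skill Install Guard|技能安装守门员 support?

Skill Install Guard|技能安装守门员 is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Skill Install Guard|技能安装守门员?

Developed and maintained by 文武贝 (@wuyunting555); the current version is v0.4.3.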
