Shuttle AI Chatbot
Author: https://github.com/account/ssh · GitHub · v2.0.1 · MIT-0
Total downloads: 236
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install shuttle-ai-chatbot
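Description
Calls the local AI /chat_direct API directly; supports single and batch queries and product comparison; outputs JSON or plain text; no browser automation required.
Safe usage recommendations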
This skill appears to do what it says (call a local /chat_direct API), but it constructs curl commands by interpolating user-provided URLs and queries into a shell command without validation or safe escaping. That can lead to command injection or accidental data exfiltration to arbitrary hosts. Before installing or running: (1) review or run the code in a sandbox/container; (2) avoid passing untrusted --url values and do not point it to public endpoints unless you trust them; (3) avoid feeding untrusted batch files; (4) consider patching the code to use a proper HTTP client (e.g., Node's fetch or axios) or use child_process.spawn/execFile with arguments (not a single shell string), and validate/whitelist allowed hosts (localhost/private IPs) to enforce the intended local-only behavior; (5) verify the session ID/README inconsistencies if you need the exact logging format. If you are not comfortable reviewing or patching the code, do not run it against sensitive environments or as a privileged user.
Functional analysis
Type: OpenClaw Skill
Name: shuttle-ai-chatbot
Version: 2.0.1
The skill is classified as suspicious due to a shell injection vulnerability in `index.js`, where user-supplied queries are concatenated into a `curl` command via `child_process.exec` without escaping single quotes. Additionally, there is a significant discrepancy between the documentation in `SKILL.md` (which claims to have implemented URL validation for security) and the actual code in `index.js`, which lacks any such validation and defaults to a hardcoded internal IP address (`192.168.100.98:8888`). These issues represent critical security flaws and misleading documentation regarding the skill's safety features.
Capability assessment
Purpose & Capability
The name/description match the code: the CLI issues POSTs to a /chat_direct endpoint and supports single and batch queries. It does not request credentials or config paths. Minor inconsistencies: SKILL.md repeatedly states session ID format 'shuttle-cli-YYYYMMDD', while index.js actually generates 'shuttle-cli-{random16}_{YYYYMMDD}' (the README also mentions a random 16-code). SKILL.md changelog claims prior URL validation to restrict to localhost/private IPs, but there is no URL validation in the code — the CLI accepts any --url.
Instruction Scope
The runtime instructions and code shell out to curl via child_process.exec with a command string that interpolates user-provided inputs (options.url and queries). These inputs are not validated or safely escaped. That creates command-injection and/or broken-shell-invocation risks (e.g., malicious --url or a query line containing characters that break the single-quoted JSON payload). Although the SKILL.md states the tool is meant for local/private endpoints, the code allows arbitrary URLs, so an attacker or misconfiguration could make the tool send data to external hosts.
Install Mechanism
No external download/install script is present; the package includes index.js and a normal package.json with a single dependency (commander). There is no install spec that fetches arbitrary archives or executes remote installers. The Node dependency is from the npm registry (package-lock included).
Credentials
The skill does not request environment variables, credentials, or config paths. It requires a reachable AI service URL (default is a private IP) and Node/curl. However, because the URL is user-controllable and not validated, the tool can be used to transmit query contents to arbitrary endpoints — a proportionality/abuse risk even though no secrets are requested.
Persistence & Privilege
The skill does not request elevated or persistent privileges; 'always' is false and there is no behavior that modifies other skills or global agent settings. It is a normal user-invoked CLI skill.
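How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install shuttle-ai-chatbot
- Once installation completes, call the Skill by name or trigger it with /shuttle-ai-chatbot
- Provide the required inputs according to the Skill's parameter documentation to get structured output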
Version history
v2.0.1
shuttle-ai-chatbot v2.0.1
- Skill slug renamed: from shuttle-qc-ai-chatbot to shuttle-ai-chatbot
- Published to ClawHub and officially listed
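FAQ
What is Shuttle AI Chatbot?
Calls the local AI /chat_direct API directly; supports single and batch queries and product comparison; outputs JSON or plain text; no browser automation required. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 236 total downloads to date.
How do I install Shuttle AI Chatbot?
Run the command "/install shuttle-ai-chatbot" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.
Is Shuttle AI Chatbot free?
Yes, Shuttle AI Chatbot is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does Shuttle AI Chatbot support?
Shuttle AI Chatbot is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Shuttle AI Chatbot?
It is developed and maintained by https://github.com/account/ssh (@sean810720); the current version is v2.0.1.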