← 返回 Skills 市场
266
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install sillytavern-cards-skill
功能描述
Import and roleplay with SillyTavern-compatible character cards (TavernAI V2/V3 PNG format)
安全使用建议
This skill is internally consistent with its stated purpose and the included Node extractor is simple and readable. However, importing cards downloads third-party data and writes it directly into your agent's SOUL.md (system identity) and MEMORY.md (persistent memory). Because card JSON can include fields like system_prompt and post_history_instructions, importing unreviewed cards can change your agent's behavior (prompt injection) or cause surprising actions. Recommended precautions before installing/using: 1) Back up ~/.openclaw/SOUL.md and MEMORY.md (the skill suggests doing this). 2) Prefer importing local files you trust or manually review the JSON output from node extract-card.js before saving. 3) Avoid blindly importing cards from unknown URLs; download to a local file and inspect the JSON first. 4) Note that README/SKILL.md claim WEBP support but the extractor only verifies PNG signatures — treat WEBP imports cautiously. 5) If you allow autonomous agent invocation, be aware that a malicious card could persistently influence the agent across sessions. If you want, I can highlight the exact lines in extract-card.js that you should audit or show an example safe workflow for reviewing a downloaded card before import.
功能分析
Type: OpenClaw Skill
Name: sillytavern-cards-skill
Version: 0.1.0
The skill bundle enables importing SillyTavern character cards by overwriting the agent's core identity file (SOUL.md) and modifying its memory (MEMORY.md). While aligned with the stated purpose of roleplay, the SKILL.md instructions utilize shell commands (curl, node) that are vulnerable to command injection if user-provided URLs or character names are not strictly sanitized by the AI agent. Additionally, the 'Play' mode instructions explicitly direct the agent to ignore all other system skills and commands, which constitutes a high-risk override of standard agent behavior. Although no evidence of intentional malice or data exfiltration was found, the combination of identity hijacking and shell execution on remote data from sources like chub.ai and charavault.net presents significant architectural risks.
能力评估
Purpose & Capability
Name/description, required binary (node), included extractor script, and instructions all align: a Node-based PNG/JSON extractor plus file operations to import character cards is expected for this functionality.
Instruction Scope
The runtime instructions tell the agent to download cards from arbitrary URLs (curl), parse them, and write their contents into persistent OpenClaw files (~/.openclaw/characters, SOUL.md, MEMORY.md). That is functionally necessary for the skill, but it means untrusted community card JSON (including system_prompt and post_history_instructions) will become agent system prompts and persistent memory — a prompt-injection risk. Also, SKILL.md/README claim WEBP support, but the extractor only verifies PNG signatures and will fail for many WEBP files (incoherent support claim).
Install Mechanism
No install spec; instruction-only with local Node script. Nothing is downloaded as part of an install step by the skill itself, so install risks are low. The SKILL.md does instruct using curl to fetch cards at runtime (user-driven), which is expected but means network fetches occur.
Credentials
No environment variables or external credentials are requested — appropriate. However, the skill relies on downloading community content (Chub.ai, CharaVault or arbitrary URLs) and then writing that content into the agent's identity and memory. That external-network + persistent-write combination is proportional to the feature but increases attack surface (malicious cards could alter agent behavior).
Persistence & Privilege
The skill overwrites/backs up ~/.openclaw/SOUL.md and appends to ~/.openclaw/MEMORY.md to implement persona and persistent memories. This is expected for a persona-management skill, but these are high-impact files: writing untrusted system-level prompts into SOUL.md grants imported cards lasting control over agent behavior across sessions. The skill does not request always:true and is user-invocable, which is appropriate.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sillytavern-cards-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/sillytavern-cards-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
sillytavern-cards-skill 0.1.0
- Initial release for importing and roleplaying with SillyTavern-compatible character cards (TavernAI V2/V3 PNG format).
- Supports importing character cards from local files, URLs, and direct search/browse from Chub.ai and CharaVault.
- Provides three modes of character interaction: “Play” (full immersion), “Soul” (hybrid), and “Chat” (casual).
- Handles extracting embedded JSON from PNG/WEBP, and supports raw JSON cards.
- Users can list, edit, or delete imported characters, and use them in any messaging channel.
元数据
常见问题
sillytavern-cards 是什么?
Import and roleplay with SillyTavern-compatible character cards (TavernAI V2/V3 PNG format). 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 266 次。
如何安装 sillytavern-cards?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sillytavern-cards-skill」即可一键安装,无需额外配置。
sillytavern-cards 是免费的吗?
是的,sillytavern-cards 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
sillytavern-cards 支持哪些平台?
sillytavern-cards 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 sillytavern-cards?
由 pearyj(@pearyj)开发并维护,当前版本 v0.1.0。
推荐 Skills