largetool

Skill Dashboard

Author: largetool · GitHub · v2.0.4
cross-platform ⚠ suspicious
Total downloads: 552
Favorites: 0
Current installs: 3
Versions: 6
Install in OpenClaw
/install skill-dashboard
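Description
Manage your AI skills the way you manage phone apps: paginated display, one-click inspection, easy management
Security usage recommendations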
This skill is plausibly what it says (a local dashboard) but there are red flags you should consider before installing:
- Metadata mismatch: SKILL.md says it requires 'jq' but the package metadata and code do not—ask the maintainer to clarify and provide an updated package manifest.
- Command execution risk: the code uses shell exec (clawhub inspect/update/uninstall, open) with parameters that can come from parsed text or user input. If an attacker can cause a crafted skill name to be processed, it could lead to shell injection. Ask the developer to sanitize inputs or use execFile/spawn with argument arrays.
- File/path assumptions: dev-dashboard reads a sibling skill-state file via a relative path; confirm install layout so it doesn't accidentally read unrelated files.
- Operational impact: the skill will call clawhub update/uninstall, which can modify or remove other skills. Confirm you trust the skill and the clawhub CLI on your system.
Recommended actions before installing:
  1. Review the source (the included JS files) yourself or ask the author to explain the jq metadata and the relative path usage.
  2. Verify clawhub CLI is legitimate and required; consider running the code in a sandbox or review/modify it to use safer child_process APIs (pass arguments as arrays, validate slugs against a strict pattern).
  3. If you plan to use it, ensure backups for your skills, and only allow confirmed update/uninstall actions.
If the maintainer can address input sanitization and fix the manifest inconsistencies, this would lower my concern.
Functional analysis
Type: OpenClaw Skill
Name: skill-dashboard
Version: 2.0.4
The skill bundle contains a critical shell injection vulnerability (Remote Code Execution risk) in `dashboard.js`, `commands/uninstall.js`, and `commands/update.js`. User-provided skill names, parsed by `pagination.js`, are directly interpolated into `child_process.exec` calls (e.g., `clawhub update ${skillSlug}` or `clawhub uninstall ${skillSlug}`) without proper sanitization. This allows an attacker to inject arbitrary shell commands by crafting a malicious skill name. While there is no evidence of intentional malicious behavior (e.g., data exfiltration, persistence), this severe vulnerability makes the skill suspicious.
Capability assessment
Purpose & Capability
The name/description (manage installed skills via a dashboard) matches the code: it lists installed skills and calls clawhub to inspect/update/uninstall. However SKILL.md metadata lists a required binary 'jq' while the registry metadata says no binaries required and none of the JS code calls jq. Also the package is described as 'instruction-only' while the registry contains multiple code files—these inconsistencies suggest sloppy packaging or outdated metadata.
Instruction Scope
The runtime code uses child_process.exec to run clawhub list/inspect/update/uninstall and to open the browser. Some exec calls use values derived from user input or loosely-parsed strings (e.g., update/uninstall paths), and there is no obvious sanitization of those inputs before interpolation into shell commands — a potential command-injection vector. The dev-dashboard reads another package's state file via a relative path (path.join(__dirname, '..', 'skill-dashboard', 'skill-state.json')), which may access unexpected files depending on install layout. The SKILL.md promises local-only caching and two-step confirmations, which the code mostly implements, but the exec usage and path assumptions broaden the skill's effective scope.
Install Mechanism
There is no install spec (lowest install risk), but code files are included so runtime will execute locally. The lack of an install script is not dangerous per se, but combined with executable child_process calls it means the skill relies on the environment (clawhub CLI present) and will execute shell commands at runtime.
Credentials
The skill does not request environment variables, secrets, or external credentials. Its filesystem access is limited to local cache/state files within the skill directory (skill-state.json, dev-cache.json). That is proportionate to the stated purpose. However, the skill will run clawhub CLI commands which can alter installed skills (update/uninstall) and so needs the clawhub CLI and appropriate OS permissions.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. It writes its own cache/state files but does not attempt to modify other skills' configuration files directly (aside from invoking clawhub CLI which can change installed skills). The combination of autonomous exec of clawhub commands and lack of input sanitization increases blast radius, but persistence flags are normal.
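How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install skill-dashboard
  3. Once installation completes, invoke the skill by name or trigger it with /skill-dashboard
  4. Provide the required input according to the skill's parameter description to get structured output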
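Version history
v2.0.4
- Bumped the version number to 2.0.4 to reflect the latest release state
- Code and functionality unchanged; only minor adjustments to the documentation (SKILL.md)
v2.0.3
- Updated the product review prompt document (产品审核提示词.md)
- Other functionality and descriptions remain unchanged
v2.0.2
- Updated SKILL.md, bumped the version number to 2.0.2 and added a "passed self-review" mark
- Revised the file-header version information and license field
- New file: 产品审核提示词.md
v2.0.1
Version 2.0.1
- No file changes detected in this release.
- Functionality and documentation remain the same as version 2.0.0.
v2.0.0
Skill Dashboard 2.0.0: major upgrade, adding developer inspection and one-click export
- Added "developer mode" and dev-dashboard.js, supporting one-click retrieval of skill download counts, ratings and comment counts with export to a Markdown report
- Supports local caching of ClawHub query results for 1 hour, saving bandwidth and improving response speed
- Optimized trigger phrases and main-interface description; new phrases such as "one-click inspection" and "developer mode" invoke the new features directly
- Streamlined user-interface text, highlighting the security double confirmation and the local-first privacy policy
- Documentation structure and quick-start examples fully updated for a better experience
v1.0.0
Phase 1 initial version: paginated display + globe icon + user-friendly management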
Metadata
Slug skill-dashboard
Version 2.0.4
License
Total installs 3
Current installs 3
Historical versions 6
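FAQ

What is Skill Dashboard?

Manage your AI skills the way you manage phone apps: paginated display, one-click inspection, easy management. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 552 cumulative downloads to date.

How do I install Skill Dashboard?

Run the command "/install skill-dashboard" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is needed.

Is Skill Dashboard free?

Yes, Skill Dashboard is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Skill Dashboard support?

Skill Dashboard runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Skill Dashboard?

Developed and maintained by largetool (@largetool); the current version is v2.0.4.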
