Total downloads: 512
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw
/install skill-operator
Description
Manage installed skills with a web UI for visualization, backup-backed uninstall, updates via git, and AI-powered evolution with rollback support.
Security usage advice
Do not install this into a production or internet-connected environment yet. Key issues to resolve before trusting it: (1) The registry listing claims a completely different purpose (Skill Operator) than the shipped code (AgentComm). Ask the publisher to explain and provide a trusted source/homepage. (2) The code auto-installs Python packages at runtime (pip install), which modifies your environment; prefer an explicit, reviewed install step. (3) The skill will open an HTTP server on 0.0.0.0 and actively scan the local subnet (requests to many LAN IPs) and upload files to IPFS/public relays — run only in an isolated VM or sandbox if you want to test. (4) The skill can use or generate a Nostr private key (nsec) — treat that as a secret and do not import any real/production keys until you audit the code. Recommended actions: verify source (git repo/homepage), ask the author why metadata is mismatched, review full source (especially the truncated upload code paths), run in an isolated environment, and consider network segmentation/firewalling to limit LAN exposure.
Functional analysis
Type: OpenClaw Skill
Name: skill-operator
Version: 1.0.1
The skill is classified as suspicious due to several critical security vulnerabilities, not intentional malice. The `LANServer` (in `agent_comm.py`) and `LANMessageHandler` (in `nostr_comm.py`) expose an unauthenticated `/messages` endpoint on the local network, allowing any device on the LAN to read all messages received by the agent. More critically, `nostr_comm.py`'s `IPFSHandler.download_file` function writes to a user-controlled `output_path` without sanitization, creating an arbitrary file write vulnerability that could lead to directory traversal or overwriting system files. Additionally, both Python files use `subprocess.run` to install dependencies, which is a general security risk. These flaws could be exploited to compromise the agent or disclose sensitive information.
Capability assessment
Purpose & Capability
Registry metadata (name: 'Skill Operator', description: managing installed skills, web UI, backups, git updates, rollback) does not match the included SKILL.md, README, and code, which implement 'AgentComm' (Nostr + LAN messaging, IPFS file sharing). This is a substantive mismatch — a skill-op manager would not need Nostr/zeroconf/IPFS code. The mismatch could be an accidental packaging error or intentional mislabeling; either way it is incoherent.
Instruction Scope
The SKILL.md and README instruct generating keypairs, starting an HTTP server listening on 0.0.0.0:8765, advertising with mDNS, discovering peers on the LAN, sending files to IPFS, and messaging via Nostr relays. The included code implements these behaviors and additionally: (a) auto-installs Python packages at import time (subprocess pip install), (b) actively scans the local subnet by issuing HTTP requests to every .1-.254 address, and (c) will accept POSTed messages and files over the network. These runtime actions go beyond simple 'helper' tools and require explicit user consent and network consideration. The SKILL.md does not clearly call out the active LAN scanning behavior (it promises discovery but the code uses an aggressive scan), nor does the registry metadata warn about these network operations.
Install Mechanism
No formal install spec is declared, but the code performs runtime installation: multiple files attempt to pip-install dependencies (nostr, zeroconf) via subprocess.run when imports fail. That means network retrieval and package installation will occur automatically when the skill is imported/executed. This is higher-risk than a pure instruction-only skill because it writes to the environment and fetches code from PyPI without an explicit install step.
Credentials
Registry metadata lists no required env vars, but README mentions optional/expected envs (NOSTR_PRIVATE_KEY, NOSTR_RELAYS, IPFS_API_URL). The code will generate and use a private key (nsec) and can accept a private key from environment — this is a sensitive secret. The skill requests ability to listen on a network port and access the network and filesystem (for reading files to upload). Those privileges are consistent with a comms/file-share skill but they were not declared in registry metadata, and asking for a private key (nsec) should be highlighted as sensitive.
Persistence & Privilege
always:false (normal). The skill will start a persistent LAN HTTP server (0.0.0.0:8765), advertise via mDNS, and run background threads. That gives it a continuous network presence on the LAN while enabled. This behavior is plausible for a communication skill, but it increases blast radius. If you install it, consider running it in a restricted environment or ensuring only trusted LAN peers can reach the port.
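How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install skill-operator
- After installation, call the Skill by name or use /skill-operator to trigger it
- Provide the necessary input according to the Skill's parameter description to get structured output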
Version history
v1.0.1
AgentComm 1.0.1 introduces decentralized agent communication with dual Internet (Nostr) and LAN modes.
- Added two new modules: `agent_comm.py` and `nostr_comm.py`, providing internet (Nostr) and local network agent messaging capabilities.
- Added `requirements.txt` specifying dependencies: Python 3.9+, `nostr`, `zeroconf`, and `requests`.
- Removed legacy files: `_meta.json` and `skill_operator.py`.
- Replaced the skill's focus from skill management to agent-to-agent encrypted messaging and file sharing, supporting both decentralized (Nostr) and LAN communication.
- Updated documentation to reflect the new AgentComm features, commands, and requirements.
v1.0.0
Initial release of skill-operator.
- Visual skill management tool with modern web UI for managing installed skills.
- Features include listing, uninstalling, updating, and evolving skills, with all actions backed up for safety.
- Supports one-click rollback from automatic backups.
- Includes RESTful API for integrations and automation.
- Requires Python 3.7+ and OpenClaw environment.
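FAQ
What is Skill Operator?
Manage installed skills with a web UI for visualization, backup-backed uninstall, updates via git, and AI-powered evolution with rollback support. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 512 cumulative downloads so far.
How do I install Skill Operator?
Run the command "/install skill-operator" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is Skill Operator free?
Yes, Skill Operator is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does Skill Operator support?
Skill Operator runs across platforms and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).
Who developed Skill Operator?
Developed and maintained by rbbcarl (@rbbcarl); the current version is v1.0.1.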