← 返回 Skills 市场
halfmoon82

Skill Safe Install

作者 halfmoon82 · GitHub ↗ · v2.2.0 · MIT-0
cross-platform ⚠ suspicious
812
总下载
0
收藏
5
当前安装
2
版本数
在 OpenClaw 中安装
/install skill-safe-install-l0
功能描述
L0 级技能安全安装流程。触发“安装技能/安全安装/审查权限”时,强制执行 Step0-5(查重→检索→审查→沙箱→正式安装→白名单)。
安全使用建议
This skill implements a reasonable secure-install workflow, but review these points before installing: (1) Confirm you accept the hardcoded trusted-author whitelist (halfmoon82 / deepeye) — those skills will skip risk review. (2) The instructions edit ~/.openclaw/openclaw.json using jq; ensure you (or the agent) explicitly authorize Step 5 and that backups are retained. (3) Ensure the runtime environment actually has clawhub, jq, mktemp, cp, mv available — the skill metadata does not declare these dependencies. (4) Consider running the sandbox install commands manually first to validate behavior, and verify that any automated consent/whitelist write is logged and reversible. If you need higher assurance, request the author to (a) declare required binaries/config paths in metadata and (b) make the trust whitelist configurable rather than hardcoded.
功能分析
Type: OpenClaw Skill Name: skill-safe-install-l0 Version: 2.2.0 This skill implements a 'Safe Install' workflow that includes a hardcoded whitelist in SKILL.md, exempting specific authors (halfmoon82, deepeye) from security inspections. It also automates the modification of the core configuration file (~/.openclaw/openclaw.json) to add skills to the 'allowBundled' list, which grants them persistent trusted status. While framed as a security utility, the bypass mechanism for a large list of specific skills and the automated editing of system configurations pose a risk of unauthorized privilege escalation for those authors' software.
能力评估
Purpose & Capability
The skill's name and description align with the runtime instructions: it enforces a 6-step install workflow (duplicate check, search, inspect, sandbox, install, whitelist). However it hardcodes a first‑party trust whitelist (authors halfmoon82 / deepeye) that exempts those skills from risk review — this is a governance decision that could legitimately exist but must be consciously accepted by operators.
Instruction Scope
The SKILL.md instructs the agent to read and modify the user's OpenClaw config (~/.openclaw/openclaw.json) (backup + jq edits). It also requires running system commands (clawhub, mktemp, jq, cp, mv) and performing installs in an isolated workdir. Those file-path modifications and command executions are within the skill's stated purpose, but modifying the agent's config is a sensitive action and the SKILL.md relies on a user consent step — ensure that consent is enforced and auditable.
Install Mechanism
This is instruction-only (no install spec, no code files), which is lowest install risk. Still, the instructions assume presence of specific CLI tools (clawhub, jq, mktemp) even though the skill declares no required binaries; that's an operational mismatch to be aware of.
Credentials
The skill declares no required env vars or config paths, yet the runtime instructions explicitly read and write ~/.openclaw/openclaw.json and rely on jq and clawhub. The implicit requirement to edit the agent's config and to run external binaries is not reflected in the declared metadata — a proportionality mismatch that should be fixed or acknowledged.
Persistence & Privilege
The skill can cause persistent changes by appending skills to the allowBundled whitelist. The SKILL.md states Step 5 requires explicit user authorization, which mitigates risk. It does not set always:true, and it does not request autonomous always-on privileges — but modifying the agent config is a powerful action and should only be allowed after clear, logged consent.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skill-safe-install-l0
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skill-safe-install-l0 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.2.0
Add first-party trusted skill whitelist
v2.1.0
L0关键词强制触发,修复沙箱流程,补充中英文文档
元数据
Slug skill-safe-install-l0
版本 2.2.0
许可证 MIT-0
累计安装 5
当前安装数 5
历史版本数 2
常见问题

Skill Safe Install 是什么?

L0 级技能安全安装流程。触发“安装技能/安全安装/审查权限”时,强制执行 Step0-5(查重→检索→审查→沙箱→正式安装→白名单)。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 812 次。

如何安装 Skill Safe Install?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-safe-install-l0」即可一键安装,无需额外配置。

Skill Safe Install 是免费的吗?

是的,Skill Safe Install 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Skill Safe Install 支持哪些平台?

Skill Safe Install 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Skill Safe Install?

由 halfmoon82(@halfmoon82)开发并维护,当前版本 v2.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论