Subagent Isolation Guard
Author: halfmoon82 · v1.0.0
Total downloads: 340
Favorites: 0
Current installs: 2
Versions: 1
Install in OpenClaw
/install subagent-isolation-guard
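Description
Solidifies physical isolation of subagents and the semantic-routing bypass. Prevents cross-agent context pollution and the subagent model-switch/reset problems caused by semantic routing.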
Security usage recommendations
This instruction-only skill is coherent for hardening subagent isolation, but it asks you to add a routing bypass and require session IDs to contain ':subagent:'. Before implementing: (1) perform a code review of semantic-webhook-server.py changes and restrict who can edit it and AGENTS.md; (2) avoid relying on a plain string marker — require authenticated, signed, or unforgeable session tokens (not just a prefix) so attackers cannot spoof ':subagent:'; (3) add logging, monitoring, and audits for all bypassed requests; (4) test thoroughly in a staging environment to ensure the bypass doesn't let untrusted inputs evade policy or model-safety checks; (5) consider safer alternatives (e.g., mutual TLS, signed JWT session claims, or an allowlist tied to agent identities) if you need robust isolation. If you cannot enforce these controls, treat deploying this bypass as high risk.
Functional analysis
Type: OpenClaw Skill
Name: subagent-isolation-guard
Version: 1.0.0
The skill bundle contains architectural guidelines and documentation for implementing subagent isolation and routing bypass within the OpenClaw framework. It focuses on preventing context pollution and session resets by recommending separate workspaces and specific session tagging, with no executable code, malicious instructions, or data exfiltration risks identified in SKILL.md or _meta.json.
Capability assessment
Purpose & Capability
The skill's name and description match the content of SKILL.md: it proposes workspace isolation and a routing-bypass for subagents. It does not request unrelated credentials, binaries, or installs, so required capabilities align with the stated purpose.
Instruction Scope
SKILL.md instructs modifying runtime logic (semantic-webhook-server.py) to detect a session_key marker ':subagent:' and 'bypass' semantic routing by returning 'continue' and not injecting declarations or model suggestions. This is within the stated goal but is operationally dangerous: it creates an explicit bypass in routing logic and relies on a simple string marker that can be spoofed unless additional safeguards (authentication, signature, or unforgeable session tokens) are enforced. The instructions are also vague about implementation details and access controls.
Install Mechanism
Instruction-only skill with no install spec or code to download. No files are written by the skill itself, minimizing installer-related risk.
Credentials
No environment variables, credentials, or config paths are requested. The absence of extra secrets is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; however, its runtime guidance expects operators to modify server code and configuration (AGENTS.md and semantic-webhook-server.py). Those actions require write privileges and careful change control — the skill implicitly assumes the ability to edit server-side routing code and agent configuration, which elevates operational privilege requirements.
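How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install subagent-isolation-guard
- Once installation completes, call the Skill by name or use /subagent-isolation-guard to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history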
v1.0.0
Initial release: solidifies subagent workspace isolation and semantic routing bypass for subagent sessions.
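Frequently asked questions
What is Subagent Isolation Guard?
Solidifies physical isolation of subagents and the semantic-routing bypass. Prevents cross-agent context pollution and the subagent model-switch/reset problems caused by semantic routing. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 340 cumulative downloads to date.
How do I install Subagent Isolation Guard?
Run the command "/install subagent-isolation-guard" in the OpenClaw or Claude Code chat box for a one-click install; no extra configuration is needed.
Is Subagent Isolation Guard free?
Yes, Subagent Isolation Guard is completely free (open source and free) and can be freely downloaded, installed and used.
Which platforms does Subagent Isolation Guard support?
Subagent Isolation Guard runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Subagent Isolation Guard?
It is developed and maintained by halfmoon82 (@halfmoon82); the current version is v1.0.0.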