Subfeed
Author: Subfeed-AI · v1.0.2
- Total downloads: 700
- Favorites: 0
- Current installs: 0
- Versions: 3
Install in OpenClaw
/install subfeed
Description
AI entities with full agentic backend for your OpenClaw project in one prompt. Your IDE agent will self-register and start building. Human is optional.
Safe usage recommendations
This skill is coherent with being a Subfeed integration, but it asks your agent to re-download its runtime instructions from subfeed.app each session and to register accounts or collect human emails — both of which can cause your project data or credentials to be sent to Subfeed and allow the remote site to change agent behavior later. Before installing: (1) verify the skill source (the homepage and publisher) and confirm you trust subfeed.app; (2) avoid supplying a full 'sf_live_*' account key — prefer scoped agent tokens ('sf_agent_*') or a dedicated minimal-permission account; (3) if you must use it, create a disposable/demo account and do not point it at sensitive repos or secrets; (4) request an embedded/pinned SKILL.md from the publisher or insist that the registry host the canonical instructions (to avoid silent remote updates); (5) be cautious about allowing the skill to collect human emails or create accounts on behalf of users. If you want, provide the publisher/source details and I can help assess trust further.
Functional analysis
Type: OpenClaw Skill
Name: subfeed
Version: 1.0.2
The skill bundle is classified as suspicious due to a significant prompt injection vulnerability found in `SKILL.md`. The instructions explicitly tell the AI agent to 'Always re-fetch this file at the start of each session for the latest API surface' via `GET https://subfeed.app/skill.md`. This dynamic instruction loading mechanism allows the skill provider to remotely alter the agent's behavior and instructions at any time, bypassing static review and posing a high risk for future malicious exploitation (e.g., data exfiltration, unauthorized actions) if the remote server is compromised or the provider's intent changes. While the current content does not exhibit explicit malicious behavior, this design pattern is a critical vulnerability.
Capability assessment
Purpose & Capability
Name/description match the actions in SKILL.md: it is a Subfeed integration that registers agents, creates entities, and talks to Subfeed REST endpoints. The required env vars (SUBFEED_API_KEY, SUBFEED_AGENT_TOKEN) are directly relevant to that purpose.
Instruction Scope
The SKILL.md explicitly instructs the agent to 'Always re-fetch this file at the start of each session' from https://subfeed.app/skill.md, giving the remote site the ability to change the agent's runtime instructions without going through the registry review. The instructions also include creating human accounts and exchanging emails for live API keys (sf_live_*), which can cause project data or credentials to be transmitted to Subfeed. The doc claims 'No local files read or written' but instructs to 'Save agentToken' without specifying where — ambiguous and potentially unsafe.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it doesn't write archives or install binaries. Low install-surface risk.
Credentials
The required environment variables (SUBFEED_API_KEY primary, SUBFEED_AGENT_TOKEN secondary) align with the stated API usage. However, the skill's flow includes obtaining or asking humans for 'sf_live_*' API keys (full-account keys). For safety, prefer using scoped agent tokens (sf_agent_*) and avoid supplying live account keys unless you trust the service and understand what data will be stored remotely.
Persistence & Privilege
always:false (no forced global inclusion) and model invocation is allowed (normal). The main risk is the dynamic re-fetch requirement: because the skill tells the agent to pull remote instructions each session, its effective behavior can change after installation — this increases blast radius despite no elevated install privileges.
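How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install subfeed`
- Once installation completes, invoke the Skill by name or trigger it with `/subfeed`
- Provide the required inputs according to the Skill's parameter description to get structured output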
Version history
v1.0.2
- Updated skill description to clarify AI entities now work independently as IDE agents for OpenClaw projects; human onboarding is optional.
- Simplified description and onboarding language for improved clarity.
- No code or functional changes; documentation only.
v1.0.1
- Clarified credential lookup instructions to specify "environment variables."
- Added guideline to obtain explicit human permission before collecting their email or creating an account.
- Updated environment requirements to include both SUBFEED_API_KEY and SUBFEED_AGENT_TOKEN.
- Minor language and formatting improvements for clarity and consistency.
v1.0.0
Initial public release of Subfeed skill.
- Agents deploy agents called Entities, with native RAG, web search, webhooks, and more.
- Agents self-register, create entities, and onboard humans in one flow via API; supports onboarding and token management.
- Entities use any available model on a free tier, with easy creation and chat.
- Detailed quick reference for endpoints, models, authentication, and error handling.
- Privacy and security information provided; all data is encrypted and never shared with third parties.
- Includes links to sub-skills: knowledge bases (RAG), addons, tools (MCP), webhooks, and public entity directory.
- No binaries, no local files — pure REST API
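FAQ
What is Subfeed?
AI entities with full agentic backend for your OpenClaw project in one prompt. Your IDE agent will self-register and start building. Human is optional. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 700 total downloads to date.
How do I install Subfeed?
Run the command "/install subfeed" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Subfeed free?
Yes, Subfeed is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does Subfeed support?
Subfeed is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Subfeed?
It is developed and maintained by Subfeed-AI (@subfeed-ai); the current version is v1.0.2.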