← 返回 Skills 市场
Threshold Keel
作者
Threshold Signalworks
· GitHub ↗
· v0.2.7
· MIT-0
167
总下载
2
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install threshold-keel
功能描述
Safety guardrails for autonomous agents. Intercepts destructive actions, requires structured approval before irreversible operations, with CLI-backed cryptog...
安全使用建议
This skill is internally consistent with a safety/approval tool, but take two precautions before installing or enabling it fully: (1) If you want durable cryptographic audit trails, the skill directs you to `pip install threshold-keel` — verify the package (PyPI listing, checksum, project homepage/repository and maintainer) before running pip, since pip installs execute third-party code. Consider using a virtual environment or sandbox to evaluate the CLI. (2) Only set KEEL_CLOUD_API_KEY if you trust Threshold Cloud and understand that WAL/events and policies will be synced to their service. If you prefer behavioural-only protection, use the instructions-only mode (do not run `keel init` or create ~/.keel) and be aware that this relies on the agent following the SKILL.md rules rather than having an enforceable local audit trail.
功能分析
Type: OpenClaw Skill
Name: threshold-keel
Version: 0.2.7
The threshold-keel skill is a comprehensive safety guardrail system designed to prevent autonomous agents from performing unintended or destructive actions. It implements a tiered risk model (T0-T3), requires structured human approval for irreversible operations, and maintains a cryptographic audit trail (Write-Ahead Log) via a local CLI or optional cloud sync. The instructions in SKILL.md are highly security-conscious, including specific mitigations against shell injection (preferring file-based inputs over inline JSON) and a 'Skill Vetting' rule to protect the agent from malicious third-party plugins. No evidence of data exfiltration, unauthorized execution, or malicious intent was found.
能力评估
Purpose & Capability
Name and description describe a guardrail/audit tool; the SKILL.md consistently describes classifying actions, requiring approvals, and optionally delegating durable state to a `keel` CLI. The declared binaries (python3, pip3) and optional KEEL_CLOUD_API_KEY are appropriate for a CLI distributed via pip. Minor inconsistency: the registry metadata indicates no install spec, but the skill's embedded metadata and prose recommend installing a pip package (`threshold-keel`).
Instruction Scope
Instructions focus on classifying and gating state-changing actions, using the CLI when present, and keeping state durable only via the CLI. The file- and path-level references (e.g., suggested /tmp action JSON, warning about ~/.keel files) are within scope for a policy/approval tool. The skill assumes the agent has access to user resources (email, files, calendar, messaging) — that is a capability assumption but aligned with the stated purpose of intercepting actions across those channels.
Install Mechanism
The registry has no install spec, but the SKILL.md recommends installing a pip package named `threshold-keel` and using the `keel` CLI. Installing a third-party pip package is a normal delivery mechanism for a CLI, but it means arbitrary code will run on the host. The platform did not provide a vetted install spec; users should verify the package origin (PyPI/project homepage) before installing.
Credentials
The only environment variable required is an optional KEEL_CLOUD_API_KEY (for cloud sync). No unrelated secrets or multiple unrelated credentials are requested. This is proportionate to the described CLI+Cloud feature.
Persistence & Privilege
The skill does not request always:true, does not demand persistent installation, and explicitly differentiates 'instructions only' (no durable state) from CLI-managed durable state. Normal autonomous invocation is allowed by default; this combined with the optional cloud sync is expected for this kind of tool.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install threshold-keel - 安装完成后,直接呼叫该 Skill 的名称或使用
/threshold-keel触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.7
- Changed Python package installer from "uv" to "pip" in the install metadata.
- No other changes detected; skill behavior and documentation remain the same.
v0.2.6
threshold-keel 0.2.6
- Clarified that agent should not create or manage state files (e.g. ~/.keel/) directly in instructions mode; only the CLI manages durable state.
- Updated documentation to emphasize that instructions mode is a behavioural safety layer with session-only tracking, not a persistent audit system.
- Updated homepage link to a new canonical URL.
- Improved description to highlight CLI-backed cryptographic audit trails and policy enforcement.
- Removed advice to create local state files in instructions mode, preventing incompatibility with CLI usage.
v0.2.5
- Added detailed SKILL.md documentation outlining Keel’s risk tiers, execution modes, core safety rules, and approval workflows for autonomous agents.
- Introduced classification and handling requirements for all actions (T0–T3), including strict structured approval rules for destructive operations.
- Described three execution modes: instructions only, local CLI, and CLI with cloud sync.
- Specified CLI usage for logging, policy evaluation, audits, and quarantine management.
- Clarified quarantine-first policy for deletions, batch approval limits, and mandatory user previews for irreversible actions.
元数据
常见问题
Threshold Keel 是什么?
Safety guardrails for autonomous agents. Intercepts destructive actions, requires structured approval before irreversible operations, with CLI-backed cryptog... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 167 次。
如何安装 Threshold Keel?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install threshold-keel」即可一键安装,无需额外配置。
Threshold Keel 是免费的吗?
是的,Threshold Keel 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Threshold Keel 支持哪些平台?
Threshold Keel 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Threshold Keel?
由 Threshold Signalworks(@andaltan)开发并维护,当前版本 v0.2.7。
推荐 Skills