← 返回 Skills 市场
182
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install tool-registry
功能描述
工具注册与发现系统。基于Token匹配的工具路由,支持权限控制和子代理工具白名单。 当用户说"工具有哪些"、"搜索工具"、"查找技能"、"工具路由"时触发。
安全使用建议
This skill implements a registry that includes tools able to read/write local files and run shell commands. While that capability can be legitimate for a tool router, there are two red flags you should address before installing or enabling it for agents: (1) The runtime register includes dangerous tools (bash, write_file) available to broad agent types (the code registers bash for 'general'), and (2) the execute() method does not enforce the documented permission or agent-type checks, so callers can invoke dangerous tools without proper filtering. Recommended actions: review and/or modify the provided scripts so execute() enforces user/agent permissions, restrict dangerous tools to tightly scoped agent types, add input validation/sanitization and sandboxing for command execution, and test in an isolated environment. If you cannot audit or harden the code, avoid enabling the skill for autonomous agents or only allow it for highly-trusted, manual invocations.
功能分析
Type: OpenClaw Skill
Name: tool-registry
Version: 1.0.0
The skill bundle implements a tool registry that includes pre-configured, high-risk capabilities in `scripts/tool-registry.mjs`, specifically arbitrary shell command execution (the `bash` tool using `child_process.spawn`) and direct file system read/write access (`read_file` and `write_file`). While these tools are aligned with the stated purpose of providing a discovery and execution framework for an AI agent, the inclusion of functional RCE and filesystem manipulation tools without external sandboxing or robust input validation constitutes a significant security risk. No evidence of intentional data exfiltration or hidden backdoors was found, but the inherent power of the provided tools warrants a suspicious classification.
能力评估
Purpose & Capability
The name/description (a registry for registering and discovering tools) aligns with the code and SKILL.md: the registry registers tools like read_file, write_file and bash and provides search/filter/execute APIs. However, the presence of built-in dangerous tools (bash, write_file) is notable but explainable for a registry. There is a code/MD mismatch: the SKILL.md examples restrict 'bash' to 'verification' agents in one spot but the bundled script registers 'bash' for ['verification','general'], which is an incoherence worth flagging.
Instruction Scope
The SKILL.md and the code instruct usage of tools that can read arbitrary local files, write arbitrary files, and execute arbitrary shell commands. More importantly, ToolRegistry.execute(name, input, context) calls the tool's execute handler directly without checking the caller's permission level or agentType — despite the documented permission/agent filtering features. That allows callers to run dangerous ops even when they should be filtered out. The instructions imply permission filtering but the runtime code does not enforce it on execution.
Install Mechanism
Instruction-only with a single local JS module and no install spec. Nothing is downloaded or installed automatically; no third-party packages are pulled during skill installation.
Credentials
The skill declares no required environment variables, credentials, or config paths. The code does not request secrets or external credentials. This is proportionate to a registry. Note: the registry's tools operate on the local filesystem and spawn processes, which are powerful but don't require explicit env/credentials.
Persistence & Privilege
The skill is not always-enabled and can be invoked by users. It does not request persistent system privileges or modify other skills. Autonomous invocation is allowed (platform default) but is not combined here with always:true or broad credential access.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tool-registry - 安装完成后,直接呼叫该 Skill 的名称或使用
/tool-registry触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
tool-registry 1.0.0
- Initial release of a token-based tool registry and discovery system with permission control and agent-type white-listing.
- Supports tool search, registration, permission filtering, agent filtering, and score-based matching via keywords, aliases, and descriptions.
- Integrated APIs for registering, searching, filtering, and executing tools.
- Triggered by common user queries related to tools or skills.
元数据
常见问题
Tool Registry 是什么?
工具注册与发现系统。基于Token匹配的工具路由,支持权限控制和子代理工具白名单。 当用户说"工具有哪些"、"搜索工具"、"查找技能"、"工具路由"时触发。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 182 次。
如何安装 Tool Registry?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tool-registry」即可一键安装,无需额外配置。
Tool Registry 是免费的吗?
是的,Tool Registry 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Tool Registry 支持哪些平台?
Tool Registry 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tool Registry?
由 xhmqq616(@xhmqq616)开发并维护,当前版本 v1.0.0。
推荐 Skills