← 返回 Skills 市场
gakkiismywife

Trace Debugger Safety

作者 gakkiismywife · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
95
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install trace-debugger-safety
功能描述
Safer end-to-end trace debugging from trace_id using Jaeger and Elasticsearch with guarded Codex analysis. Use when a user wants a trace report similar to tr...
安全使用建议
This skill is mostly coherent for trace debugging, but exercise caution before installing or running it: - Inspect how run_codex_analysis is implemented (the script references a 'Codex' analysis path). Confirm whether it calls an external CLI or LLM API and whether that requires API keys (e.g., OPENAI_API_KEY or a custom token). The skill declares no required env vars, so missing credential documentation is a gap. - Prefer running with --no-codex when analyzing logs from untrusted sources to avoid prompt-injection risks (the SKILL.md already advises this). - Only pass an absolute repo_path you trust; the script will read many source files and may include file paths in the report. - If you need to run this in production, run it against local/test Jaeger/ES endpoints first (defaults are localhost). Verify network requests made by the script (which endpoints are contacted) and confirm there are no hardcoded remote endpoints. - If you are not comfortable auditing the full run_codex_analysis code path or any subprocess calls the script makes, consider not enabling Codex analysis or running the script in a restricted environment (container, limited filesystem access) to reduce risk.
能力评估
Purpose & Capability
Name/description (trace debugging using Jaeger + Elasticsearch, optional code context) aligns with the script: it queries Jaeger/ES endpoints, normalizes spans/logs, and performs optional repository analysis. Requesting repo_path and jaeger/es URLs is coherent with the stated purpose.
Instruction Scope
SKILL.md instructs running the included Python script, providing trace_id and optional jaeger/es URLs and repo path. The instructions explicitly allow reading a local repo (if provided) and require writing and then deleting a Markdown report — those are within scope. The skill also instructs sending the generated report as a file attachment with a specific message format; that is an agent-level behavior but consistent with the skill. One scope concern: the SKILL.md and code emphasize an optional 'Codex' analysis path; the docs warn about prompt-injection risk, but they do not explain what 'Codex' binary/service is or what credentials it needs.
Install Mechanism
No install spec — instruction-only with an included Python script. There are no downloads or package installs, so nothing extra is written to disk by an installer. Running the script will execute code bundled with the skill (normal for instruction-plus-script skills).
Credentials
The skill declares no environment variables or credentials, but the code imports subprocess and includes a run_codex_analysis flow (truncated in the provided snippet) that likely invokes an external 'Codex' analysis step. If Codex requires API keys (e.g., OpenAI/OpenAI CLI, other LLM service), those credentials are not declared in requires.env or documented, creating a mismatch. Additionally, the script reads arbitrary files under a provided absolute repo_path, which is expected for code-context features but is privileged file access — users should only supply trusted repo paths.
Persistence & Privilege
The skill is not always-included and does not request persistent system privileges. It runs only when invoked and does not appear to modify other skills or system-wide agent settings. Writing a temporary Markdown report and deleting it afterward is normal and explicitly documented.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install trace-debugger-safety
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /trace-debugger-safety 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: safer trace debugger with optional Codex, sanitized logs, and no hardcoded repo path.
元数据
Slug trace-debugger-safety
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Trace Debugger Safety 是什么?

Safer end-to-end trace debugging from trace_id using Jaeger and Elasticsearch with guarded Codex analysis. Use when a user wants a trace report similar to tr... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 95 次。

如何安装 Trace Debugger Safety?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install trace-debugger-safety」即可一键安装,无需额外配置。

Trace Debugger Safety 是免费的吗?

是的,Trace Debugger Safety 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Trace Debugger Safety 支持哪些平台?

Trace Debugger Safety 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Trace Debugger Safety?

由 gakkiismywife(@gakkiismywife)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论