← 返回 Skills 市场
316
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install tribunal-usage
功能描述
Use Tribunal commands for TDD enforcement, quality gates, secret scanning, Agent Teams hooks, CI integration, and plugin packs. Use when running quality chec...
安全使用建议
This skill appears to be an instruction wrapper around an external 'tribunal' tool and is mostly coherent with that purpose — but there are important gaps you should verify before installing: 1) Confirm the provenance of the 'tribunal' tool you will run (pip package and/or binary) and review its code or vendor trust. 2) Expect the tool to read and write project files (.tribunal/, tribunal/rules/) and to create an audit log; review those files for sensitive content and consider running in a fork/CI sandbox first. 3) The SKILL.md references environment variables (CLAUDE_CODE_MODE, CLAUDE_CONTEXT_WINDOW) and MCP/network integrations that are not declared in the skill metadata — ask where the MCP server is hosted and whether any credentials are needed, and avoid pointing sensitive data to unknown endpoints. 4) If you use plugin packs from URLs or registries, inspect them before installing. If you lack confidence in the external tribunal package or the MCP endpoint, run this in an isolated environment or decline installation.
功能分析
Type: OpenClaw Skill
Name: tribunal-usage
Version: 1.0.0
The skill bundle describes 'Tribunal,' a quality enforcement tool that integrates deeply with the development environment by hooking into every file write and test run. While its stated purpose is benign (TDD enforcement and secret scanning), it includes high-risk capabilities such as installing plugin packs from arbitrary remote URLs (e.g., `tribunal install <url>`) and monitoring all agent interactions. These features provide a significant attack surface for remote code execution or data access, although no explicit malicious intent or obfuscation was found in the documentation (SKILL.md).
能力评估
Purpose & Capability
Name/description (Tribunal quality enforcement) align with requiring a 'tribunal' binary and the commands shown. It's plausible the skill is instruction-only and relies on a local 'tribunal' tool. The README points to a sensible homepage and repository. However the SKILL.md also instructs installing via pip and using project-local config files (.tribunal), which is consistent but not declared in requires.env/manifest.
Instruction Scope
The instructions tell the agent to run tribunal commands that read/write project state and an audit log (.tribunal/audit.jsonl), auto-inject rules (tribunal/rules/*), and integrate with an MCP server. They also reference using CLAUDE_CODE_MODE and CLAUDE_CONTEXT_WINDOW environment variables and CI usage. These are within the stated purpose, but they grant the tool the ability to inspect and modify repository files and to send/query data via an MCP connector — behavior that isn't explicitly declared in the skill metadata.
Install Mechanism
No install spec is present (instruction-only skill), which minimizes direct install-time risk. The SKILL.md suggests 'pip install tribunal' and other package installs, but those are external developer actions rather than an automated install specified in the skill bundle.
Credentials
The skill metadata lists no required env vars, yet the instructions reference CLAUDE_CODE_MODE and CLAUDE_CONTEXT_WINDOW. The skill also describes MCP integration (pointing a connector to a 'Tribunal MCP server') and installing plugin packs from URLs or registries — these imply network endpoints and possible transfer of code/config, but no network endpoints or credentials are declared. Lack of declared env/credential requirements is an inconsistency and makes it unclear what secrets or endpoints the skill expects or will use.
Persistence & Privilege
always:false (good). The tool is described as hooking into file writes and writing audit logs and 'auto-injecting' rules into the repo, which gives it persistent, project-scoped effects (writes under .tribunal/ and tribunal/rules/). The skill itself doesn't request system-wide privileges, but its described behavior will persist changes within projects and interact with multi-agent workflows — review such writes before allowing them.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tribunal-usage - 安装完成后,直接呼叫该 Skill 的名称或使用
/tribunal-usage触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Full usage guide — commands, modes, Agent Teams, CI, MCP, plugin packs
元数据
常见问题
Tribunal Usage 是什么?
Use Tribunal commands for TDD enforcement, quality gates, secret scanning, Agent Teams hooks, CI integration, and plugin packs. Use when running quality chec... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 316 次。
如何安装 Tribunal Usage?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tribunal-usage」即可一键安装,无需额外配置。
Tribunal Usage 是免费的吗?
是的,Tribunal Usage 完全免费(开源免费),可自由下载、安装和使用。
Tribunal Usage 支持哪些平台?
Tribunal Usage 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tribunal Usage?
由 koshaji(@koshaji)开发并维护,当前版本 v1.0.0。
推荐 Skills