x-guang

Undo

Author: xguang · GitHub · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 119
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw
/install undo
Description
File edit time machine for AI agents. Automatically snapshot file changes after every Write, Edit, or Shell operation, and provide undo/revert capabilities t...
Security usage recommendations
This skill's code appears to implement a local file snapshot/undo system and is internally consistent with its description, but take these precautions before installing or enabling it:
  1. Understand snapshot storage: snapshots are stored under ~/.local/share/undo-skill/repos/ by default — they include project file contents (which may contain secrets). Decide whether that storage location is acceptable.
  2. Review and limit what gets tracked: add explicit ignores or avoid initializing projects that contain secrets or large binary data.
  3. Disable or control the watcher: the background watcher auto-snapshots and could capture unintended data; prefer manual snapshotting or run watcher only under supervision.
  4. Auto-install behavior: init.js will try to run package-manager install commands to install git if missing — this executes system package commands and may require elevated privileges; prefer to preinstall git manually and/or inspect the init script before letting it run.
  5. Audit stored snapshots: periodically inspect ~/.local/share/undo-skill/repos/ and remove sensitive snapshots if needed.
  6. If you need stronger guarantees, request changes: support for encrypted snapshot storage, confirmation prompts before auto-snapshotting, or an opt-in list of paths to exclude.
If you want help producing a minimal checklist of settings to make this safe for your environment, tell me the OS and how you plan to run agents.
Functional analysis
Type: OpenClaw Skill · Name: undo · Version: 1.0.1
The skill provides a file versioning system using a hidden local Git repository. It is classified as suspicious due to a critical shell injection vulnerability in `lib/git.js`, where the `runGit` function executes system commands via `execSync` using unsanitized string interpolation of arguments. Additionally, `scripts/init.js` contains high-risk logic that attempts to auto-install software using system package managers (`apt-get`, `brew`, `yum`, etc.), which requires elevated privileges. While these behaviors appear intended for the skill's stated purpose, the lack of input sanitization and the broad system-level execution capabilities pose a significant security risk.
Capability tags
crypto
Capability assessment
Purpose & Capability
The name/description match the implementation: scripts create snapshots, list history, create checkpoints, undo to commits/timestamps, and run a background watcher. The only declared runtime requirement (node) is consistent with the included Node.js scripts.
Instruction Scope
The scripts copy the entire project (with reasonable ignores like node_modules and .git) into a separate storage location (~/.local/share/undo-skill/repos/<hash>). That behavior is coherent with 'undo' functionality, but it means the skill will read and persist all tracked project files (which can include secrets, credentials, or large binary files). The SKILL.md insists snapshots be run after every Write/Edit/Shell and instructs agents to run the watcher for automatic snapshots; this gives the skill broad file-access behavior by design.
Install Mechanism
There is no external download/install spec in the registry (no remote fetch). All code is included in the skill bundle (Node scripts). However init.js contains logic to attempt to auto-install git by running system package manager commands (apt-get, apk, yum, dnf, pacman, brew, nix-env, pkg). Auto-install attempts are potentially sensitive because they execute system package manager commands and may require elevated privileges; this is understandable (git is needed) but worth flagging before allowing autonomous runs.
Credentials
The skill does not request any external credentials or environment variables beyond optional watcher tuning (UNDO_WATCHER_DEBOUNCE, UNDO_WATCHER_POLL). There are no unrelated secret requests. The main proportionality concern is data scope: the skill copies and stores project files outside the project, which is functionally required but increases confidentiality risk.
Persistence & Privilege
The skill is not always:true. But it includes a watcher script that can run in the background (prints a PID and auto-snapshots) and the SKILL.md encourages automatic snapshotting after every change. If the agent invokes the watcher autonomously, snapshots will be taken over time without explicit per-snapshot user confirmation. Autonomous invocation combined with ongoing local file copies increases blast radius if the skill is allowed to run without review.
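How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install undo
  3. Once installation completes, call the Skill by name or trigger it with /undo
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history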
v1.0.1
- Added README.MD file providing documentation or usage details.
v1.0.0
Initial release of the Undo skill: a file edit time machine for AI agents.
- Automatically snapshots file changes after every Write, Edit, or Shell operation, enabling undo/revert to any previous state.
- Supports undoing the last change, undoing N steps, undoing to a timestamp, undoing to a named checkpoint, listing change history, and creating checkpoints.
- Activates upon user commands such as "enable undo", "undo", "revert", "restore", or "show history".
- All scripts output structured JSON for reliable integration and parsing.
- Uses an external bare git repository for history, with project isolation and robust branch strategy.
- Includes built-in watcher for auto-snapshots during long sessions.
Metadata
Slug undo
Version 1.0.1
License MIT-0
Total installs 0
Current installs 0
Versions 2
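FAQ

What is Undo?

File edit time machine for AI agents. Automatically snapshot file changes after every Write, Edit, or Shell operation, and provide undo/revert capabilities t... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 119 total downloads to date.

How do I install Undo?

Run the command "/install undo" in the OpenClaw or Claude Code chat box for one-step installation; no additional configuration is needed.

Is Undo free?

Yes, Undo is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Undo support?

Undo is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who develops Undo?

Developed and maintained by xguang (@x-guang); the current version is v1.0.1.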
