← 返回 Skills 市场
Uplo Enterprise It
作者
RooJenkins
· GitHub ↗
· v1.0.0
· MIT-0
156
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install uplo-enterprise-it
功能描述
AI-powered enterprise IT intelligence spanning DevOps, cybersecurity, and engineering. Unified search across infrastructure, security, and architecture docum...
安全使用建议
This skill appears to do what it says (search and contextualize enterprise IT docs), but verify a few things before installing: 1) Confirm the registry metadata vs skill.json inconsistency — the skill requires an UPLO instance URL and API key (API key is sensitive). 2) Review the npm package '@agentdocs1/mcp-server' (publisher, source code, version) that 'npx' will fetch and execute; prefer pinned releases or a vetted binary. 3) Limit the API key scopes and test with a token that has read-only, limited-scope access in a staging environment first. 4) Be cautious with 'export_org_context' — it can export highly sensitive data; confirm who can invoke that action and where exported data is stored/transmitted. If you cannot verify the npm package or the origin of the UPLO instance, treat the install as higher risk.
功能分析
Type: OpenClaw Skill
Name: uplo-enterprise-it
Version: 1.0.0
The skill bundle is a legitimate integration for the UPLO platform, designed to provide AI-powered search and management of enterprise IT, DevOps, and cybersecurity documentation. While it includes high-privilege tools such as 'export_org_context' and 'search_with_context' that can access sensitive infrastructure data (e.g., firewall matrices, CVE scans), these capabilities are central to its stated purpose. The instructions in SKILL.md and identity-patch.md explicitly direct the agent to respect data classification tiers and verify clearance before surfacing restricted information, indicating a focus on security-conscious operations rather than exploitation.
能力评估
Purpose & Capability
The skill's name, README, SKILL.md, and skill.json all describe an enterprise IT knowledge connector (search, directives, org snapshots) and the required capabilities align with that purpose. However the registry metadata provided earlier lists no required credentials or env vars while skill.json and README clearly require an UPLO instance URL and an API key — this mismatch is an inconsistency you should confirm.
Instruction Scope
SKILL.md instructs the agent to call well-scoped MCP-style tools (get_identity_context, get_directives, search_knowledge, search_with_context, export_org_context, etc.) and explicitly instructs respecting classification tiers. It does not tell the agent to read arbitrary local files or unknown system paths. The primary risk is that 'export_org_context' can return a complete org snapshot (highly sensitive) — but that capability is coherent with the skill's stated purpose.
Install Mechanism
The registry shows no formal install spec, but README and skill.json indicate the MCP server will be launched via 'npx -y @agentdocs1/mcp-server --http' with AGENTDOCS_URL and API_KEY in env. That means code will be fetched from the npm registry and executed at runtime. Fetching/running a third-party npm package has moderate risk: verify the package publisher (@agentdocs1), review the package source, and prefer pinned versions or vetted releases.
Credentials
skill.json requires an agentdocs_url and an api_key (MCP token). These are expected for connecting to UPLO, but they are high-value credentials because they grant access to organizational documents (including possibly sensitive artifacts via export_org_context). The earlier registry metadata claiming 'no required env vars' conflicts with this — verify the token scopes and whether the API key can be scoped to limit access.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request persistent system-wide privileges or modify other skills. Running the MCP server spawns a subprocess but that is normal for MCP-style integrations. Ensure the spawned process runs with least privilege and in an environment you trust.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install uplo-enterprise-it - 安装完成后,直接呼叫该 Skill 的名称或使用
/uplo-enterprise-it触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of uplo-enterprise-it skill.
- Provides AI-powered unified search across DevOps, cybersecurity, and engineering documentation.
- Supports context-aware queries for incident response, security compliance, architecture, and operational procedures.
- Integrates tools for knowledge search, context-aware recommendations, directive retrieval, organizational context export, and documentation quality tracking.
- Enforces access based on user identity, team, and clearance tier, respecting documentation classification and security boundaries.
元数据
常见问题
Uplo Enterprise It 是什么?
AI-powered enterprise IT intelligence spanning DevOps, cybersecurity, and engineering. Unified search across infrastructure, security, and architecture docum... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 156 次。
如何安装 Uplo Enterprise It?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install uplo-enterprise-it」即可一键安装,无需额外配置。
Uplo Enterprise It 是免费的吗?
是的,Uplo Enterprise It 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Uplo Enterprise It 支持哪些平台?
Uplo Enterprise It 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Uplo Enterprise It?
由 RooJenkins(@roojenkins)开发并维护,当前版本 v1.0.0。
推荐 Skills