← 返回 Skills 市场
148
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install uwvwko-safe
功能描述
网页浏览安全防护技能。自动识别和阻止恶意高危指令,防止敏感信息泄露和未授权命令执行。 在浏览网页时遇到危险请求时,立即阻止并通知用户。
安全使用建议
This skill appears coherent and safe as an instruction-only policy for blocking dangerous web prompts. Before installing: (1) understand that it is only guidance — actual enforcement depends on the agent implementing these rules; (2) if you want email alerts, log shipping, or sandbox execution you will need to supply/approve the corresponding credentials and runtimes (mail server credentials, Docker/VM access), which are not requested by the skill; (3) expect possible false positives (legitimate site behaviors could be blocked) and test on non-critical browsing sessions; (4) verify the agent actually follows the SKILL.md (check logs and behavior) rather than ignoring or overriding it.
功能分析
Type: OpenClaw Skill
Name: uwvwko-safe
Version: 1.0.0
The skill bundle 'uwvwko-safe' is a defensive security tool designed to harden the OpenClaw agent against malicious web content and prompt injection. The SKILL.md file provides comprehensive instructions for the agent to identify and block high-risk activities such as API key exfiltration, unauthorized system command execution (e.g., rm, sudo, curl), and sensitive file access (e.g., .env, /etc/passwd). It establishes clear protocols for notifying the user and logging security events, functioning entirely as a protective layer without any evidence of malicious intent or hidden data exfiltration.
能力评估
Purpose & Capability
The skill's name/description (web browsing safety) matches the SKILL.md content: rules to detect/block sensitive-data leaks, dangerous commands, file access, and to notify the user. It does not ask for unrelated resources (no cloud keys, no system credentials).
Instruction Scope
The SKILL.md gives explicit, narrow runtime rules (keyword and behavior detection, block & notify workflow). It does not instruct the agent to read arbitrary host files or exfiltrate data. Note: it references actions like logging, email notification, sandbox/VM/container execution and deep analysis as possible implementations — these are suggestions rather than mandatory steps; if an agent were to implement them, additional privileges/config would be required.
Install Mechanism
Instruction-only skill with no install spec and no code files, so nothing is written to disk or downloaded during install.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However, some optional features it describes (email notifications, sending logs, running containers/VMs) would require external configuration or credentials if implemented — the SKILL.md does not request or document those, so an integrator would need to provision them separately.
Persistence & Privilege
always is false and the skill does not request persistent system-level modifications or access to other skills' configs. Autonomous invocation is permitted by default (normal), but there is no indication the skill attempts privileged persistence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install uwvwko-safe - 安装完成后,直接呼叫该 Skill 的名称或使用
/uwvwko-safe触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: 自动防护网页浏览安全,阻止高危指令和敏感信息泄露。
- 自动识别并拦截常见恶意请求,如API密钥泄露、系统命令执行、敏感文件读取等
- 实时以安全警告和紧急通知提醒用户,提供详细风险信息及操作建议
- 建立多重检测机制,支持关键词、混淆与行为分析等多维度检测
- 日志全程记录安全事件,支持分级通知(即时、邮件、统计报告)
- 提供丰富使用建议和例外清单,兼顾安全性与易用性
元数据
常见问题
safe 是什么?
网页浏览安全防护技能。自动识别和阻止恶意高危指令,防止敏感信息泄露和未授权命令执行。 在浏览网页时遇到危险请求时,立即阻止并通知用户。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 148 次。
如何安装 safe?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install uwvwko-safe」即可一键安装,无需额外配置。
safe 是免费的吗?
是的,safe 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
safe 支持哪些平台?
safe 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 safe?
由 uwvwko(@uwvwko-zzz)开发并维护,当前版本 v1.0.0。
推荐 Skills