← 返回 Skills 市场
174
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install vmware-policy
功能描述
Unified audit logging, policy enforcement, and input sanitization for the entire VMware MCP skill family. Use when querying audit logs, managing policy rules...
安全使用建议
This skill appears to be what it claims: a local audit and policy library that decorates other VMware skills. Before installing: 1) verify the upstream source (github.com/zw008/VMware-Policy) and inspect the published package if you can; 2) ensure ~/.vmware is restricted (chmod 700) and review ~/.vmware/rules.yaml so rules do not inadvertently permit or block operations you care about; 3) confirm that sensitive parameters are declared via sensitive_params to avoid logging secrets, and audit the DB (~/.vmware/audit.db) contents for sensitive data; 4) note the skill detects agent-related env vars (for logging) and honors VMWARE_POLICY_DISABLED for bypass — treat that env var carefully; 5) resolve the minor metadata inconsistency about the install spec (SKILL.md has an installer block but registry says no install spec) by checking the package manifest before install. Overall coherent, but review logging/configuration and the package source before enabling across many skills.
功能分析
Type: OpenClaw Skill
Name: vmware-policy
Version: 1.5.14
The vmware-policy skill serves as a defensive infrastructure layer providing audit logging, policy enforcement, and input sanitization for VMware-related tools. It includes a @vmware_tool decorator for tracking execution, a PolicyEngine for rule-based access control, and a sanitize() function designed to prevent prompt injection from API responses. While it inspects environment variables like OPENAI_API_KEY to identify the calling agent, the documentation explicitly states this is for metadata purposes only and that no credentials are logged or exfiltrated. The behavior is well-documented and aligns with its stated purpose as a security utility.
能力标签
能力评估
Purpose & Capability
Name/description match the declared behavior: unified audit logging, policy enforcement, sanitization, and a decorator that wraps other VMware skills. Declared binary (vmware-audit) and config path (~/.vmware/rules.yaml) are consistent with the stated functionality.
Instruction Scope
SKILL.md limits actions to local audit DB, rules file, CLI operations, and decorator/sanitizer use. It does detect AI agent presence via common environment variables and writes audit records (timestamp, skill, tool, params, result, user, agent, etc.) to ~/.vmware/audit.db. That is consistent with an audit system but means parameters/results may be logged locally (sensitive_params are redacted if configured). No instructions to transmit data to external endpoints are present.
Install Mechanism
The skill is instruction-only (no code files) and references installation via the platform 'uv' (installer: kind: uv, package: vmware-policy) which is a low-risk, registry-style mechanism. Minor inconsistency: registry metadata indicates 'No install spec' while SKILL.md contains an 'installer' block. Nothing points to downloads from untrusted URLs or archive extraction.
Credentials
No required credentials are requested. The skill relies on/reads standard env vars for agent detection (CLAUDE_SESSION_ID, OLLAMA_HOST, OPENAI_API_KEY, DEERFLOW_SESSION) and supports VMWARE_POLICY_DISABLED for bypass. This is expected, but because parameters/results are recorded in the audit DB, ensure sensitive parameters are listed in sensitive_params to avoid logging secrets.
Persistence & Privilege
always:false and no unusual persistence flags. The skill is intended to be auto-installed as a dependency across the VMware skill family and to wrap many tools; that increases its influence/attack surface if it were malicious, but the skill itself does not request elevated system-wide privileges or modify other skills' configs. Autonomous invocation is allowed (default) which is expected for skills.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install vmware-policy - 安装完成后,直接呼叫该 Skill 的名称或使用
/vmware-policy触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.14
v1.5.14: code review fixes by @yjs-2026 + Snyk E005 disclaimer
v1.5.0
v1.5.0: Anthropic best practices, [READ]/[WRITE] prefixes, Broadcom attestation
v1.4.10
remove unused VMWARE_POLICY_CONFIG, agent detection transparency, Broadcom author attestation
v1.4.4
v1.4.4: vmware-avi family integration, cross-skill routing, sanitize coverage, safety tests
元数据
常见问题
Vmware Policy 是什么?
Unified audit logging, policy enforcement, and input sanitization for the entire VMware MCP skill family. Use when querying audit logs, managing policy rules... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 174 次。
如何安装 Vmware Policy?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install vmware-policy」即可一键安装,无需额外配置。
Vmware Policy 是免费的吗?
是的,Vmware Policy 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Vmware Policy 支持哪些平台?
Vmware Policy 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(macos, linux)。
谁开发了 Vmware Policy?
由 zw008(@zw008)开发并维护,当前版本 v1.5.14。
推荐 Skills