← 返回 Skills 市场
mikehankk

Wei Devils Advocate

作者 Wei Han · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
119
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install wei-devils-advocate
功能描述
Stress-test ideas using multiple LLMs in adversarial roles to generate counterarguments, cross-check reasoning, and expose hidden risks and failure modes. 易找...
安全使用建议
What to check before installing: - Metadata mismatch: The registry metadata shows no required environment variables, but SKILL.md and code require OPENROUTER_API_KEY and/or DASHSCOPE_API_KEY. Don’t assume there are no credentials needed — the skill will ask for provider API keys. - Review client code: The included scripts make network calls to the configured api_base endpoints (openrouter.ai and dashscope.aliyuncs.com). If you will supply API keys, ensure you trust those provider endpoints and understand that queries (and any user data you pass) will be sent there. - Inspect prompt files: The pre-scan detected a prompt‑injection string in SKILL.md. Open prompts/debater.txt and prompts/judge.txt (and SKILL.md) and confirm the suspicious phrases are only documented as examples or defenses, not embedded in ways that could cause unintended model behavior. - File writes: The tool will write reports and intermediate outputs to reports/ and intermediate/ in the skill directory. Don’t run it from a location containing sensitive files you don’t want mixed or leaked. - Install steps: SKILL.md instructs installing Bun via the official bun.sh installer (downloaded by curl). That is common but you should only run it if you trust the source. The package dependencies are standard (axios, dotenv). - If you are unsure: request the author to update registry metadata to declare required env vars, provide a formal install spec, and confirm why any prompt phrases that resemble injection attacks are present. If you will provide API keys, avoid sending secrets or extremely sensitive data through the skill until you have audited the client implementations and prompts.
功能分析
Type: OpenClaw Skill Name: wei-devils-advocate Version: 1.0.0 The skill bundle is a legitimate multi-LLM adversarial analysis tool designed to stress-test ideas using various language models. The code implementation in `scripts/agent.ts` and the HTTP clients in `scripts/clients/` are well-structured, using standard libraries like Axios and Dotenv. Notably, the agent includes a proactive `sanitizeInput` function to mitigate prompt injection attacks by redacting common injection phrases. Sensitive data such as API keys are correctly handled via environment variables, and file operations are restricted to local report generation within the skill's directory. No evidence of data exfiltration, malicious execution, or unauthorized persistence was found.
能力标签
cryptocan-make-purchasesrequires-sensitive-credentials
能力评估
Purpose & Capability
The skill is a multi‑LLM 'devil's advocate' tool and the code calls multiple providers (OpenRouter / DashScope) which is appropriate for its purpose. However the registry metadata lists no required environment variables while SKILL.md and the code clearly expect OPENROUTER_API_KEY and/or DASHSCOPE_API_KEY — an inconsistency between declared requirements and actual needs.
Instruction Scope
SKILL.md instructs installing Bun, running scripts, and creating .env with provider API keys; the code reads config.json, prompts/, and writes reports/intermediate outputs. That scope is coherent for the stated task. However a pre‑scan found a prompt‑injection pattern ('ignore-previous-instructions') inside the SKILL.md content; while the agent implements input sanitization for common injection patterns, the existence of these strings in runtime prompt materials is a red flag that should be manually reviewed (could be an example/explanation or could be an attempt to manipulate models).
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs using the Bun installer (curl https://bun.sh/install) and running 'bun install'. bun.sh is a known installer site; dependencies are standard (axios, dotenv). This is an expected workflow but the absence of a declared install spec while providing runnable code is an inconsistency to be aware of.
Credentials
The only runtime secrets referenced (OPENROUTER_API_KEY, DASHSCOPE_API_KEY) are appropriate for a multi‑provider LLM tool. The concern is the metadata claims no required env vars while the README/SKILL.md and code require API keys and will error if they are not set — this mismatch could mislead users into installing without realizing they'll need to provide provider credentials. No unrelated credentials (AWS, GitHub, etc.) are requested.
Persistence & Privilege
The skill is not 'always: true' and does not request system‑wide privileges. It writes reports and intermediate files into project directories (reports/, intermediate/), which is expected and disclosed in the README. It does not appear to alter other skills or system settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install wei-devils-advocate
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /wei-devils-advocate 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of wei-devils-advocate (v1.0.0). - Stress-tests ideas using multiple language models acting as devil’s advocates to generate counterarguments, cross-check reasoning, and expose hidden risks and failure modes. - Supports query-type based model selection and role-based model assignment via config.json. - Includes "attack" mode for generating adversarial analysis; multi-round "simulation" mode is planned for future versions. - Output includes thesis, hidden assumptions, counterarguments, failure scenarios, survivability, verdict, and recommendations. - Designed for use in decision validation, risk analysis, product testing, and more; not intended for consensus or brainstorming.
元数据
Slug wei-devils-advocate
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Wei Devils Advocate 是什么?

Stress-test ideas using multiple LLMs in adversarial roles to generate counterarguments, cross-check reasoning, and expose hidden risks and failure modes. 易找... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 119 次。

如何安装 Wei Devils Advocate?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install wei-devils-advocate」即可一键安装,无需额外配置。

Wei Devils Advocate 是免费的吗?

是的,Wei Devils Advocate 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Wei Devils Advocate 支持哪些平台?

Wei Devils Advocate 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Wei Devils Advocate?

由 Wei Han(@mikehankk)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论