← 返回 Skills 市场
dinghaibin

Whoami Tool Check

作者 BIN · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
82
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install whoami-tool-check
功能描述
Identity verification utility — validate current user against expected roles, check sudo access, and audit user capabilities. Extended whoami for security an...
使用说明 (SKILL.md)

Whoami Tool Check — Identity & Access Verifier

Extended identity verification: confirm the current user matches an expected role, verify sudo/root access, check group membership for specific capabilities, and audit user-level access for security-sensitive operations.

Quick Start

# Verify current user
whoami-tool-check

# Check if current user has sudo access
whoami-tool-check --sudo

Usage

whoami-tool-check [OPTIONS]

Options:
  --sudo          Check if user has sudo/root access
  --role ROLE     Verify user belongs to a role group (sudo, docker, admin, etc.)
  --capabilities  List all accessible system capabilities
  --audit         Full user audit: uid, gid, groups, sudo, shell, home
  --json          Output as structured JSON
  --check-user USER   Check if a specific user exists and their details

Examples

# Full audit
whoami-tool-check --audit

# Check if user has docker access
whoami-tool-check --role docker

# List all capabilities
whoami-tool-check --capabilities

# Check if another user exists
whoami-tool-check --check-user www-data

# JSON for pipeline ingestion
whoami-tool-check --audit --json

Features

  • Current identity — standard whoami output
  • Sudo access check — passwordless sudo availability
  • Role verification — check group membership for specific roles
  • User audit — comprehensive report (uid, gid, groups, sudo, shell, home dir)
  • User existence — verify other system users
  • JSON output — structured for security audits and automation
  • Exit codes — 0/1 for easy script integration
安全使用建议
This skill does not show malicious behavior in the provided artifacts. However, its documentation is much broader than its included Python script, so treat it as a simple username utility unless you independently verify that the installed `whoami-tool-check` command actually supports the advertised audit options.
功能分析
Type: OpenClaw Skill Name: whoami-tool-check Version: 1.0.0 There is a significant discrepancy between the documentation and the actual implementation. SKILL.md describes a comprehensive identity and security auditing tool with features like sudo access verification (`--sudo`), role checking (`--role`), and system capability auditing (`--audit`), but the actual code in `scripts/whoami.py` is a trivial three-line script that only prints the current username and ignores all functional arguments. This misleading documentation could trick an AI agent into providing false assurances about system security or user privileges.
能力评估
Purpose & Capability
The stated purpose is local identity and access verification, which is coherent with a whoami-style utility, but the provided script only prints the current username and does not implement the advertised sudo, role, capability, audit, JSON, or other-user checks.
Instruction Scope
The documented commands involve checking local account and privilege metadata, which is purpose-aligned for an identity audit tool, but users should not rely on the advertised broader checks unless the actual executable implementation is verified.
Install Mechanism
There is no install spec and no declared binary requirement, while the documentation refers to a `whoami-tool-check` command. This looks like incomplete packaging rather than malicious behavior.
Credentials
The documented audit features would inspect local user, group, sudo, shell, and home-directory information. That is proportionate to the stated purpose, but it is still local identity/privilege metadata.
Persistence & Privilege
No persistence, background execution, credential use, network access, privilege escalation, or destructive behavior is shown in the provided artifacts.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install whoami-tool-check
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /whoami-tool-check 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
Slug whoami-tool-check
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Whoami Tool Check 是什么?

Identity verification utility — validate current user against expected roles, check sudo access, and audit user capabilities. Extended whoami for security an... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 82 次。

如何安装 Whoami Tool Check?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install whoami-tool-check」即可一键安装,无需额外配置。

Whoami Tool Check 是免费的吗?

是的,Whoami Tool Check 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Whoami Tool Check 支持哪些平台?

Whoami Tool Check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Whoami Tool Check?

由 BIN(@dinghaibin)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论