← 返回 Skills 市场
2165
总下载
0
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install wyoming-clawdbot
功能描述
Wyoming Protocol bridge for Home Assistant voice assistant integration with Clawdbot.
安全使用建议
This package appears to implement the advertised Wyoming→Clawdbot bridge, but there are a few issues to consider before installing:
- The code calls a local 'clawdbot' CLI; make sure you have that CLI installed and understand its security model. The skill metadata did not declare this required binary.
- docker-compose.yml mounts ${HOME}/.clawdbot into the container. That directory likely contains your Clawdbot credentials/tokens — mounting it into a container gives the container full access to those secrets. Only do this if you trust the code and the runtime environment.
- The compose file specifies 'build: .' but the repository in the package does not include a Dockerfile (manifest shows none). The provided Docker instructions may fail; you may need to run the Python script directly in a venv instead.
- The service binds to 0.0.0.0 and uses host networking, exposing the Wyoming service on your LAN/host. Consider firewall rules or binding to localhost if you only want local access.
If you want to proceed, inspect the cloned repository yourself (or the upstream GitHub repo), verify the Dockerfile/build context before running containers, and examine the contents of ~/.clawdbot to understand what secrets will be exposed. If you do not trust the upstream source, run the Python script in a restricted environment (non-privileged user, no sensitive mounts) or avoid mounting your home config into the container.
功能分析
Type: OpenClaw Skill
Name: wyoming-clawdbot
Version: 1.0.2
The skill is classified as suspicious due to several high-risk capabilities, despite lacking clear evidence of intentional malicious behavior. The `docker-compose.yml` file uses `network_mode: host`, granting the container full access to the host's network stack, and mounts `${HOME}/.clawdbot` from the host, exposing potentially sensitive configuration or credentials. Additionally, the `wyoming_clawdbot.py` script executes the `clawdbot` CLI tool using `asyncio.create_subprocess_exec` with user-controlled input (`transcript.text`), which, while implemented to mitigate direct shell injection, still represents a potential command injection vector if the `clawdbot` executable itself is vulnerable. These capabilities, while potentially necessary for the stated purpose, introduce significant security risks.
能力评估
Purpose & Capability
The Python code implements a Wyoming protocol server that forwards transcripts to a local Clawdbot CLI — this is coherent with the skill name/description. However, the package metadata declares no required binaries or config paths while the code and docker-compose clearly require the 'clawdbot' CLI and access to a Clawdbot config directory (~/.clawdbot). That omission is an inconsistency.
Instruction Scope
SKILL.md instructs cloning the GitHub repo and running docker compose up. The docker-compose.yml mounts ${HOME}/.clawdbot into the container (exposes local Clawdbot credentials/config) and uses network_mode: host (opens the service to the host network). These steps are relevant for the stated purpose, but the instructions do not warn about exposing local config/tokens. Also the included repository lacks a Dockerfile (docker-compose uses 'build: .' which will fail or be confusing), which is an instruction/packaging mismatch.
Install Mechanism
This is effectively instruction-only (no formal install spec). The SKILL.md/README tell users to git clone from GitHub — GitHub is a normal source. There is no third-party archive download or obscure URL. However, the repo package includes a docker-compose that expects a build context but no Dockerfile was provided in the manifest, creating an install/runtime problem.
Credentials
The skill declares no required environment variables or config paths, yet the runtime relies on an external 'clawdbot' CLI and the user's ~/.clawdbot config (docker-compose mounts that path). Access to ~/.clawdbot likely exposes authentication tokens or keys for Clawdbot — this is proportional if you intend to bridge to your local Clawdbot, but it should be explicitly declared and documented. The omission is a notable mismatch.
Persistence & Privilege
The skill does not request always:true and does not alter other skills. But the recommended deployment uses network_mode: host and listens by default on 0.0.0.0:10600, which exposes the service to the local network/host. Running as a long-lived systemd/Docker service (as README suggests) is expected for this use-case but increases the blast radius if the service or container is misconfigured or compromised.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install wyoming-clawdbot - 安装完成后,直接呼叫该 Skill 的名称或使用
/wyoming-clawdbot触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
Use $HOME instead of hardcoded path in docker-compose.yml
v1.0.1
Use $HOME instead of hardcoded path in docker-compose.yml
v1.0.0
Initial release: Wyoming Protocol bridge for Home Assistant voice integration
元数据
常见问题
Wyoming Clawdbot 是什么?
Wyoming Protocol bridge for Home Assistant voice assistant integration with Clawdbot. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2165 次。
如何安装 Wyoming Clawdbot?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install wyoming-clawdbot」即可一键安装,无需额外配置。
Wyoming Clawdbot 是免费的吗?
是的,Wyoming Clawdbot 完全免费(开源免费),可自由下载、安装和使用。
Wyoming Clawdbot 支持哪些平台?
Wyoming Clawdbot 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Wyoming Clawdbot?
由 vglafirov(@vglafirov)开发并维护,当前版本 v1.0.2。
推荐 Skills