← 返回 Skills 市场
raidone632-create

Zanna Aperta

作者 raidone632-create · GitHub ↗ · v3.4.0 · MIT-0
cross-platform ⚠ suspicious
143
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install zanna-aperta
功能描述
MCP Bridge completo per OpenClaw con 45 tool per agenti, workspace, progetti, cron, browser, canvas, nodes, messaging, gateway, Ollama e ClawX
安全使用建议
This skill appears coherent for a local MCP/OpenClaw bridge, but it executes local commands and reads/writes your OpenClaw workspace. Before installing: (1) review the included zanna-aperta.py yourself (it will run with your user permissions); (2) ensure no sensitive credentials or secrets are stored under the configured workspace path; (3) be aware it can create/delete workspaces, invoke OpenClaw tools, and interact with local services (Ollama on localhost and ClawX); (4) run it in a test or isolated environment if you want to limit risk; and (5) verify the openclaw binary and any local services it talks to are trusted. If you want extra assurance, ask for a full line-by-line review of the Python file (the provided snippet is large) or run the skill with a read-only workspace copy first.
功能分析
Type: OpenClaw Skill Name: zanna-aperta Version: 3.4.0 The skill bundle provides an extensive MCP bridge with high-privilege capabilities, including arbitrary Docker and Git command execution (exec_docker, exec_git), remote camera access (nodes_camera_snap), and JavaScript evaluation (canvas_eval). While these tools align with the stated purpose of managing an OpenClaw environment, the implementation of exec_docker and exec_git in zanna-aperta.py is highly vulnerable to command injection as it passes unsanitized user input directly to subprocess.run via string splitting. The broad access to system resources and connected devices, combined with weak input validation, presents a significant security risk.
能力标签
crypto
能力评估
Purpose & Capability
Name/description claim (MCP Bridge for OpenClaw exposing many tools) matches the code and SKILL.md: the script runs an OpenClaw CLI (OPENCLAW_BIN), manipulates workspace directories, and implements the listed tool handlers (agents, workspace, projects, cron, browser, exec, Ollama, ClawX, etc.). Nothing required by the code (workspace access, openclaw binary, optional local Ollama/ClawX) is out of scope for a bridge tool.
Instruction Scope
SKILL.md instructs adding the Python script to ~/.openfang/settings.json and to set OPENCLAW_WORKSPACE/OPENCLAW_BIN — the script reads/writes workspace files and uses the OpenClaw CLI. The instructions do not ask for unrelated files, secrets, or external endpoints beyond optional local services (ollama on localhost and ClawX path). The code does perform filesystem I/O within the workspace and spawns OpenClaw/other local commands, which is expected behavior for this functionality.
Install Mechanism
There is no external install spec or network download; the skill is instruction-only and ships a Python file. Installation consists of placing and running the included script in the user's OpenClaw skills path — no remote archives or third‑party package installs are performed by the skill itself.
Credentials
The skill requests no credentials and the only environment/config it uses (OPENCLAW_WORKSPACE, OPENCLAW_BIN) is directly relevant to its purpose. It will read and write files in the workspace directories it manages; this file access is proportionate to a workspace/agent management bridge but users should note any secrets stored in those directories could be accessed.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request permanent platform-level privileges or modify other skills' configurations. It will create, update, and delete files under the configured workspace and may start/stop local services (ClawX) which is consistent with its role.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install zanna-aperta
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /zanna-aperta 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.4.0
Aggiunti 4 tool ClawX per controllo interfaccia desktop OpenClaw - 45 tool totali
v3.3.0
MCP Bridge completo per OpenClaw con 41 tool per agenti, workspace, progetti, cron, browser, canvas, nodes, messaging, gateway e Ollama
元数据
Slug zanna-aperta
版本 3.4.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Zanna Aperta 是什么?

MCP Bridge completo per OpenClaw con 45 tool per agenti, workspace, progetti, cron, browser, canvas, nodes, messaging, gateway, Ollama e ClawX. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 143 次。

如何安装 Zanna Aperta?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install zanna-aperta」即可一键安装,无需额外配置。

Zanna Aperta 是免费的吗?

是的,Zanna Aperta 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Zanna Aperta 支持哪些平台?

Zanna Aperta 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Zanna Aperta?

由 raidone632-create(@raidone632-create)开发并维护,当前版本 v3.4.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 留言讨论