Skill details (on-site mirror, no comments)
License: MIT-0
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Version: v1.0.0
Stats: ⭐ 0 · 34 · 0 current installs · 0 all-time installs
🛡 VirusTotal: benign · OpenClaw: suspicious
Package:agent3-666/agent3-hub
Security scan (ClawHub)
- VirusTotal: benign
- OpenClaw: suspicious
OpenClaw assessment
The skill's stated purpose (a registry/MCP proxy) is plausible and mostly matches its instructions, but there are notable risks and small inconsistencies: it encourages runtime fetching/execution (npx), can invoke/register arbitrary remote agents, and the source/homepage is unknown — together these increase the attack surface.
Purpose
The name/description (Agent3 Hub registry + MCP endpoint) lines up with the runtime instructions (how to call the hub and which tools it exposes). However the SKILL.md suggests using 'npx mcp-remote' in client config which implies dynamic code download at runtime; the skill metadata does not declare a required binary (npx) or an install step. The skill's source/homepage are missing, which reduces traceability.
Instruction scope
The instructions show how to authenticate and call the hub's MCP endpoint and list operations that include 'agents_invoke' and 'agents_register' — i.e., the agent can invoke arbitrary registered resources and register new agents via the hub. That is coherent with a registry but grants broad remote-execution capability and the potential to relay or exfiltrate data to third-party resources. The examples do not instruct reading local files or oth…
Install mechanism
No install spec and no code files (lowest install risk). However, the suggested client config uses 'npx ... mcp-remote' which will dynamically fetch and run code from the npm ecosystem at runtime. That behavior is not declared in the metadata and effectively causes remote code execution on the client when the MCP client starts. This is an operational risk to consider even though the skill itself doesn't install files.
Credentials
The skill only requests a single AGENT3_API_KEY, which is proportionate to authenticating to a third-party hub. There are no unrelated secrets requested. Note that that single key likely grants broad hub privileges (search/invoke/register), so its scope matters — use a least-privilege key if possible.
Persistence
always is false (good). Model invocation is permitted (default), so the agent could autonomously call the hub and invoke registered resources. Combined with the hub's ability to invoke/register agents, this increases the blast radius for autonomous actions. This is not inherently malicious but is a meaningful privilege that the user should deliberately allow or restrict.
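Install (copy to 龙虾 AI)
Copy the entire passage below into a 龙虾中文库 conversation; 龙虾 will complete the installation by following SKILL.md.
Please hand this passage to 龙虾中文库 (龙虾 AI) to execute: install the OpenClaw skill "Agent3 Hub" on this machine. Summary: Universal AI resource registry — search and invoke agents, MCP servers, and API….
Please fetch the following address to read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/agent3-666/agent3-hub/SKILL.md
(Source: yingzhi8.cn skill library)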
SKILL.md
No locally cached content yet; a detail sync can be run from the admin backend.