Openclaw Ledger — 技能 — openclaw中文资讯站

技能详情（站内镜像，无评论）

Tamper-evident audit trail for agent sessions. Hash-chained logs of workspace changes with cryptographic verification. Know exactly what changed, when, and detect if anyone altered the record. Free alert layer — upgrade to openclaw-ledger-pro for freeze, forensics, and chain r…

数据与表格

许可证：MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本：v1.0.2

统计：⭐ 3 · 1.3k · 2 current installs · 2 all-time installs

⭐ 3

安装量（当前） 2

🛡 VirusTotal ：良性 · OpenClaw ：可疑

Package：atlaspa/openclaw-ledger

安全扫描（ClawHub）

VirusTotal ：良性
OpenClaw ：可疑

OpenClaw 评估

The skill largely implements a local hash‑chained ledger as advertised, but there are small but important mismatches (undeclared environment variable use, marketing claims about 'pro' countermeasures, and broad filesystem access) that merit caution before installing into production workspaces.

目的

Name/description match the delivered capability: the included Python script implements init/record/verify/log/status for a hash-chained audit trail. However, the README and the script header advertise additional capabilities (freeze, quarantine, forensics, restoration) that are not exposed in the SKILL.md command list; source/homepage are unknown. Overall the core purpose is implemented, but marketing claims and provenance are inconsistent.

说明范围

The runtime instructions call the included script (python3 {baseDir}/scripts/ledger.py) which walks the entire workspace and snapshots filenames, sizes, and SHA‑256 hashes. The code writes local artifacts (.ledger/chain.jsonl and .ledger/session.json) containing file paths and hashes. The script also reads an environment variable OPENCLAW_WORKSPACE to resolve the workspace if --workspace is not supplied, but this env var is not declared in req…

安装机制

No install spec is provided (instruction-only), and the skill includes a Python script using only the standard library. README suggests manual git clone/copy. No remote downloads, package installs, or extract-from-URL operations were found in the provided files.

证书

The registry metadata declares no required env vars, yet the code consults OPENCLAW_WORKSPACE to discover the workspace path. The script requires only python3 (reasonable) but will read the entire workspace tree (file names and hashes), which can expose sensitive project structure. No network credentials are requested, which is appropriate for a local ledger, but the undeclared env var and wide read access are disproportionate to the absence o…

持久

The skill does not request always:true and uses only its own workspace-scoped .ledger directory to store chain/session artifacts. There is no evidence it modifies other skills' configuration or system-wide settings. It may create quarantine/frozen directories under the workspace (names appear in code), but actions are local and confined to the target workspace.

安装（复制给龙虾 AI）

将下方整段复制到龙虾中文库对话中，由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库（龙虾 AI）执行：为本机安装 OpenClaw 技能「Openclaw Ledger」。简介：Tamper-evident audit trail for agent sessions. Hash-chained logs of workspace c…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装：https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/atlaspa/openclaw-ledger/SKILL.md
（来源：yingzhi8.cn 技能库）

SKILL.md

打开原始 SKILL.md（GitHub raw）

---
name: openclaw-ledger
user-invocable: true
metadata: {"openclaw":{"emoji":"📒","requires":{"bins":["python3"]},"os":["darwin","linux","win32"]}}
---

# OpenClaw Ledger

Tamper-evident audit trail for agent workspaces. Every workspace change is recorded in a hash-chained log — if anyone alters an entry, the chain breaks and you know.

## The Problem

Agents modify files, execute commands, install skills — and leave no verifiable record. If something goes wrong, you can't trace what happened. If logs exist, nothing proves they haven't been altered after the fact.


## Commands

### Initialize

Create the ledger and snapshot current workspace state.

```bash
python3 {baseDir}/scripts/ledger.py init --workspace /path/to/workspace
```

### Record Changes

Snapshot current state and log all changes since last record.

```bash
python3 {baseDir}/scripts/ledger.py record --workspace /path/to/workspace
python3 {baseDir}/scripts/ledger.py record -m "Installed new skill" --workspace /path/to/workspace
```

### Verify Chain

Verify the hash chain is intact — no entries tampered with.

```bash
python3 {baseDir}/scripts/ledger.py verify --workspace /path/to/workspace
```

### View Log

Show recent ledger entries.

```bash
python3 {baseDir}/scripts/ledger.py log --workspace /path/to/workspace
python3 {baseDir}/scripts/ledger.py log -n 20 --workspace /path/to/workspace
```

### Quick Status

```bash
python3 {baseDir}/scripts/ledger.py status --workspace /path/to/workspace
```

## How It Works

Each entry contains:
- Timestamp
- SHA-256 hash of the previous entry
- Event type and data (file changes, snapshots)

If any entry is modified, inserted, or deleted, the hash chain breaks and `verify` detects it.

## Exit Codes

- `0` — Clean / chain intact
- `1` — No ledger or minor issues
- `2` — Chain tampered / corrupt entries

## No External Dependencies

Python standard library only. No pip install. No network calls. Everything runs locally.

## Cross-Platform

Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.