技能详情(站内镜像,无评论)
作者:Angus Bezzina @angusbezzina
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.2.0
统计:⭐ 1 · 353 · 1 current installs · 1 all-time installs
⭐ 1
安装量(当前) 1
🛡 VirusTotal :良性 · OpenClaw :良性
Package:angusbezzina/gpu-cli
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's files, runtime instructions, and requested permissions are coherent with its stated purpose of safely wrapping a local 'gpu' CLI; nothing requested is disproportionate or unexplained.
目的
The skill claims to run the local 'gpu' binary with guardrails and the bundle contains a wrapper (runner.sh), tests, docs, and a manifest matching that goal. It does not request unrelated credentials, binaries, or network permissions.
说明范围
SKILL.md restricts allowed tools to the bundled runner and read-only access; runner.sh enforces a prefix and subcommand allowlist, a metacharacter blocklist, dry-run/confirmation gates, price/runtime caps, and direct exec of the gpu binary. This stays inside the stated scope. Minor note: some parsing (sed/grep/jq fallbacks and read -ra splitting) is best-effort and brittle in edge cases—this is a robustness concern, not an evidence of maliciou…
安装机制
No install spec is provided (instruction-only), so nothing is downloaded or written by the skill itself. The runner.sh prints a suggested install command for the external 'gpu' binary (a curl | sh URL) only in an error message — that is not executed by the skill but is a user-visible suggestion you should verify before running.
证书
The skill does not request secrets or external service credentials. It exposes configuration via SKILL_* env vars (dry-run, caps, confirm, etc.) which are reasonable for this wrapper. It delegates networking and auth to the user-installed 'gpu' CLI, which is expected for this purpose.
持久
The skill is not always-on and does not request elevated privileges or system-wide config changes. It may invoke 'gpu daemon start' via the gpu binary (to remediate transient errors) which can create background processes — this behavior is consistent with managing GPU jobs and is attributable to the gpu CLI rather than the skill itself.
综合结论
This skill appears to do exactly what it says: run the local 'gpu' CLI through a guarded wrapper. Before installing/using it: 1) review and keep dry-run on until you trust it (SKILL_DRY_RUN=true); 2) don't set SKILL_CONFIRM=yes unless you understand the cost implications (it can start paid pods via your provider); 3) verify and install the 'gpu' binary from a trusted source (the runner prints a curl | sh URL—treat that like any remote installe…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「GPU CLI: Remote GPU Compute for ML Training and Inference」。简介:Safely run local `gpu` commands via a guarded wrapper (`runner.sh`) with prefli…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/angusbezzina/gpu-cli/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: gpu-cli
description: Safely run local `gpu` commands via a guarded wrapper (`runner.sh`) with preflight checks and budget/time caps.
argument-hint: runner.sh gpu [subcommand] [flags]
allowed-tools: Bash(runner.sh*), Read
---
# GPU CLI Skill (Stable)
Use this skill to run the local `gpu` binary from your agent. It only allows invoking the bundled `runner.sh` (which internally calls `gpu`) and read-only file access.
What it does
- Runs `gpu` commands you specify (e.g., `runner.sh gpu status --json`, `runner.sh gpu run python train.py`).
- Recommends a preflight: `gpu doctor --json` then `gpu status --json`.
- Streams results back to chat; use `--json` for structured outputs.
Safety & scope
- Allowed tools: `Bash(runner.sh*)`, `Read`. No network access requested by the skill; `gpu` handles its own networking.
- Avoid chaining or redirection; provide a single `runner.sh gpu …` command.
- You pay your provider directly; this may start paid pods.
Quick prompts
- "Run `runner.sh gpu status --json` and summarize pod state".
- "Run `runner.sh gpu doctor --json` and summarize failures".
- See `templates/prompts.md` for more examples.
Security
- Input sanitization: character blocklist (`; & | ` ( ) > < $ { }` + newlines) plus subcommand allowlist. Commands are executed via direct `gpu` binary invocation — no shell re-evaluation (`bash -c` / `eval`).
- See `SECURITY.md` for the full threat model, permission rationale, and version history.
Notes
- For image/video/LLM work, ask the agent to include appropriate flags (e.g., `--gpu-type "RTX 4090"`, `-p 8000:8000`, or `--rebuild`).