技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.2
统计:⭐ 1 · 1.3k · 2 current installs · 2 all-time installs
⭐ 1
安装量(当前) 2
🛡 VirusTotal :良性 · OpenClaw :良性
Package:atlaspa/openclaw-arbiter
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's code and instructions align with an auditor for installed skills; it reads other skills' files and can quarantine/revoke them if invoked, which is powerful but coherent with its stated purpose.
目的
Name/description (permission auditor) matches what the package contains: a Python script that scans SKILL.md and code for network, subprocess, file I/O, env access, and unsafe deserialization patterns. The only required binary is python3, which is appropriate.
说明范围
SKILL.md instructs running the arbiter against a workspace path; the tool legitimately needs to read skill directories and files to do its job. However the tool also exposes enforcement commands (quarantine, revoke, enforce, protect) which modify skills; SKILL.md/README mention those are 'Pro' features but the script contains them. Auditing (read-only) is expected; modifying/quarantining is a larger scope and should be used with care.
安装机制
No install spec; the repo contains a single Python script and docs and claims to use only the standard library. That is low-risk compared with downloads or remote installers.
证书
The skill requests no environment variables or credentials, which is proportionate to an offline code-auditor. The script's detection patterns include environment access checks but it does not require any secrets.
持久
always:false and agent-invocable:true (normal). But the tool implements commands that modify other skills (quarantine, revoke, enforce, protect) which grant it the ability to rename/move/delete skill directories when invoked. This is coherent for an enforcement tool but is a high-impact capability — ensure you run it intentionally and back up the workspace before using enforcement actions.
综合结论
This appears to be a legitimate offline permission auditor. Before installing or running it: (1) Review the scripts/arbiter.py file yourself (or inspect it with a diff) to confirm there are no unexpected network calls or obfuscated code. (2) Run only read-only operations first (audit, report, status) to see findings without making changes. (3) Do not run quarantine/revoke/enforce unless you have a current backup of your workspace and understan…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Openclaw Arbiter」。简介:Audit installed skill permissions: detect network access, subprocess execution,…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/atlaspa/openclaw-arbiter/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。