by 安全扫描
OpenClaw
安全
high confidence该技能仅提供指令,其预检、回退和上下文缩小指导与声明目的相符,不要求额外安装、凭证或访问权限。
评估建议
该技能逻辑清晰、风险低:仅包含运行时指令,不要求额外内容。安装前,请注意指令依赖代理检查最近请求历史和管理重试的能力——建议在安全环境中测试。同时,虽然技能本身不请求凭证,但调用它的代理可能具有对提供商或日志的权限;确保这些权限适用于自动重试/回退行为。...详细分析 ▾
✓ 用途与能力
Name and description match the actual instructions. The checks and mitigation steps (concurrency, probes, exponential backoff, context shrinkage) are coherent with a rate-limit guard and no unrelated resources or credentials are requested.
✓ 指令范围
SKILL.md contains high-level, scoped runtime guidance (what to check before calls and what to do on 429). It does not instruct reading arbitrary files, contacting external endpoints, or exfiltrating data. It does reference checking 'recent failures' and 'provider/model' which implicitly requires access to the agent's request history/state, but that is expected for this function and is not excessive.
✓ 安装机制
No install spec and no code files — instruction-only skill. This minimizes risk because nothing is written to disk or downloaded.
✓ 凭证需求
Requires no environment variables, credentials, or config paths. There is no disproportionate access requested for the stated purpose.
✓ 持久化与权限
always is false and the skill is user-invocable. disable-model-invocation is false (normal) which allows autonomous invocation, but that is the platform default and not excessive for this kind of helper.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/4/9
初始发布:通过预检和回退防止 429 重试循环和令牌浪费。
● 无害
安装命令 点击复制
官方npx clawhub@latest install rate-limit-guard
镜像加速npx clawhub@latest install rate-limit-guard --registry https://cn.clawhub-mirror.com
技能文档
在高成本调用前检查
- 提供商/模型
- 并发度
- 上下文大小
对于 429 错误
- 将并发度设置为 1。
- 停止并行重试。
- 缩小上下文。
- 发送一个最小探测请求。
- 实施指数回退(exponential backoff)。
规则
- 永远不要不变地重试巨大请求。
- 永远不要对高级提供商进行 fallback-spam。
- 将语料库工作批量处理为 10–20 项块。
输出
下一步行动:继续 / 恢复模式 / 暂停。数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制