by 安全扫描
OpenClaw
可疑
high confidenceThe skill mostly implements an MCP workflow server and CLI, but there are multiple mismatches between the documentation and the shipped scripts (undeclared binaries/env, unsupported resource types in code, and broad file access), so review and sandbox before installing.
评估建议
Before installing or running this skill:
- Expect to need Node.js and the jq CLI (the scripts call node and jq, but the registry metadata does not declare them).
- Review the two included scripts (scripts/mcp-server.js and scripts/workflow-engine.sh) yourself — they read and write files and will read any path given via file:// URIs. Do not run them against sensitive directories or as root.
- The server can return arbitrary local files (file://{path}) to workflows; if you run the skill inside an ...详细分析 ▾
⚠ 用途与能力
The skill claims to provide MCP workflow automation (prompt chains, resource embedding, cross-server orchestration) and the included server/script files implement those capabilities. However there are incoherences: SKILL.md and templates reference integrations (e.g., 'config://', 'notion', 'email', 'git://', 'github://', 'linear://') that the server and shell script do not fully implement, and the metadata declares no required binaries even though the runtime clearly needs node and jq. These gaps make it unclear which features are actually supported and why certain resource types are listed.
⚠ 指令范围
Runtime instructions tell the agent/user to run node scripts/mcp-server.js and the shell workflow engine. The server implements memory://, template:// and file:// resources and the shell script reads and writes local files and a .mcp workspace. The server's file:// handler reads arbitrary file paths without sanitization, meaning workflows or prompts that reference file:// can access any file the agent process can read — this is coherent with 'resource embedding' but is high-risk in practice. Also SKILL.md lists config:// resources and describes config at ~/.openclaw/mcp-workflow.json, but the server's ReadResource handler does not implement config:// reading and the server does not read the ~/.openclaw config as described — a direct mismatch between instructions and code.
✓ 安装机制
There is no external install spec or network download; the skill is instruction-plus-local-scripts only. No remote archives or installers are fetched by the skill itself, which reduces supply-chain risk. However the code depends on local runtime binaries (node, jq) that are not declared in the registry metadata.
⚠ 凭证需求
The registry lists no required environment variables, but the code reads environment variables (e.g., process.env.WORKFLOWS_DIR and the shell script respects MCP_DIR). The shell script and server will read and write files on disk (templates, workflows, .mcp, .mcp-memory.json), but those file-access patterns are not called out in the registry metadata. The skill does not request cloud credentials, which is appropriate, but the lack of declared runtime requirements (node, jq, file-path access) is an unexplained omission.
ℹ 持久化与权限
always:false (good). The skill writes local state (memory files like .mcp/.workflow-memory.json and templates/workflows in the working directory) and creates an MCP workspace when initialized. It does not request system-wide configuration changes or claim elevated privileges, but it will persist data to disk within the user's project or current directory and can read arbitrary files via file:// URIs.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/2/20
Initial release: MCP workflow automation with prompt chains, resource templates, and multi-step orchestration inspired by Jason Zhou
● 可疑
安装命令 点击复制
官方npx clawhub@latest install mcp-workflow
镜像加速npx clawhub@latest install mcp-workflow --registry https://cn.clawhub-mirror.com
技能文档
Quick Reference
# Start MCP Server
node scripts/mcp-server.js# Run a workflow
./scripts/workflow-engine.sh run [--input ]
# List available workflows
./scripts/workflow-engine.sh list
# Create new workflow from template
./scripts/workflow-engine.sh create --from
# Validate workflow
./scripts/workflow-engine.sh validate
Overview
This skill implements workflow automation using the Model Context Protocol (MCP), enabling:
- Prompt Chains: Multi-step prompt sequences
- Dynamic Workflows: Context-aware adaptation
- Resource Integration: File/data embedding
- Cross-Server Coordination: Multi-MCP orchestration
Workflow Patterns
1. Prompt Chain Pattern
plan → generate → execute → validate
2. Dynamic Prompt Pattern
context → adapt → generate → output
3. Resource Embedding Pattern
resource://{type}/{id} → load → embed → process
4. External Trigger Pattern
trigger → validate → dispatch → execute
Built-in Templates
| Template | Description | Use Case |
|---|---|---|
meal-planner | Weekly meal planning | Nutrition, shopping lists |
code-review | Automated code review | PR analysis, quality checks |
weekly-report | Status report generation | Team updates, metrics |
documentation-generator | Doc generation | API docs, changelogs |
MCP Server Features
Resources
file://{path}- File system accessmemory://{key}- Memory storageconfig://{section}- Configuration values
Tools
workflow.run- Execute workflowworkflow.list- List workflowsworkflow.validate- Validate workflow JSONprompt.render- Render prompt template
Prompts
chain:plan- Planning promptchain:generate- Generation promptchain:review- Review prompt
Example Usage
Meal Planner Workflow
./scripts/workflow-engine.sh run meal-planner \
--input '{"diet":"vegetarian","days":7,"budget":50}'
Code Review Workflow
./scripts/workflow-engine.sh run code-review \
--input '{"repo":"myapp","pr":123}'
Weekly Report
./scripts/workflow-engine.sh run weekly-report \
--input '{"project":"dashboard","week":"2024-W01"}'
Best Practices
1. Workflow Design
- Keep steps atomic and focused
- Use clear input/output contracts
- Implement error handling at each step
- Version your workflows
2. Prompt Engineering
- Use system prompts for context
- Provide examples in few-shot prompts
- Chain prompts for complex tasks
- Validate outputs before next step
3. Resource Management
- Use URI patterns consistently
- Cache frequently accessed resources
- Clean up temporary resources
- Document resource schemas
4. Cross-Server Coordination
- Define clear interfaces between servers
- Use standardized message formats
- Implement health checks
- Handle timeouts gracefully
Configuration
Create ~/.openclaw/mcp-workflow.json:
{
"servers": [
{
"name": "local",
"command": "node scripts/mcp-server.js",
"env": {}
}
],
"workflowsDir": "./workflows",
"templatesDir": "./scripts/templates",
"defaultTimeout": 30000
}
Integration with OpenClaw
Use in your OpenClaw session:
# Load the skill
openclaw skill load mcp-workflow# Run workflow
openclaw workflow run meal-planner --input '{"days":5}'
References
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制