📦 Mikrotik — 管理路由设备
v1.8.5通过官方API一键连接MikroTik RouterOS,实时查看设备状态、防火墙规则与网络配置,并可直接执行任意RouterOS命令,实现自动化运维。
0· 512·4 当前·4 累计
by 下载技能包
最后更新
2026/3/9
安全扫描
OpenClaw
安全
medium confidenceNULL
评估建议
This skill appears to do what it claims (manage MikroTik devices and scan the local network), but it performs active network scanning and may attempt default/empty-password logins and write device info to ~/.openclaw/workspace/TOOLS.md. Before installing or running it: (1) get explicit permission from your network administrator; (2) avoid saving plaintext credentials in TOOLS.md — use environment variables or a secrets manager; (3) test in an isolated lab network first to see scanning behavior a...详细分析 ▾
✓ 用途与能力
Name and description match the code and instructions: the package implements a MikroTik RouterOS API client, common command wrappers, CLI, and a network scanner. The requested capabilities (reading TOOLS.md, optional env vars, opening sockets to devices, and issuing RouterOS commands including admin-level operations) are coherent with a router management skill.
⚠ 指令范围
SKILL.md and the code direct the agent to perform active LAN operations: enumerate local subnets, run system commands ('ip', 'hostname', 'ip neigh'), scan many IPs for open API ports (8728/8729), and attempt connections (including trying empty-password 'admin' logins for info). The instructions also describe interactive flows that save credentials to ~/.openclaw/workspace/TOOLS.md. These behaviors are within the skill's purpose but are intrusive on a network and can trigger security alerts; they require explicit operator approval and careful credential handling.
✓ 安装机制
No install spec is present (no external downloads or installers). The package is delivered as code files in the skill bundle; nothing in the manifest indicates fetching arbitrary third-party archives or running remote installers. This is lower-risk from an install-mechanism perspective.
ℹ 凭证需求
The registry metadata lists no required env vars, but the code and SKILL.md read and recommend MIKROTIK_HOST / MIKROTIK_USER / MIKROTIK_PASS and also parse ~/.openclaw/workspace/TOOLS.md for credentials. Those environment variables are appropriate and expected for the stated purpose, but the mismatch with the declared registry requirements is an inconsistency. The skill also recommends storing credentials in TOOLS.md (plaintext) which is insecure — the doc warns about it but still promotes that option.
ℹ 持久化与权限
always:false and normal autonomous invocation apply. The skill can persist device info/credentials into the user's workspace TOOLS.md (per SKILL.md/README statements), which is a modest persistence within the user's OpenClaw workspace and not a system-wide privilege escalation. Users should be aware credentials may be written locally if they follow the interactive setup.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.8.52026/3/6
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install mikrotik
镜像加速npx clawhub@latest install mikrotik --registry https://cn.longxiaskill.com