📦 Pua — 高压破局助手

v2.0.0

当用户连续失败、表现消极或质量不达标时，自动启动高压追问与穷尽式解题模式，逼迫高主动性思考，快速定位并解决核心问题。

0· 230·0 当前·0 累计

by @rorschachachxd

自动化智能体

下载技能包

最后更新

2026/3/27

安全扫描

VirusTotal

无害

查看报告

OpenClaw

可疑

medium confidence

The skill's instructions match its stated goal (force high-agency troubleshooting) but the runtime guidance asks the agent to run commands, read source, and paste verification outputs without declaring required tools or boundaries — this creates a risk of unintended file access or data leakage; metadata inconsistencies increase concern.

评估建议

This skill is instruction-only and internally consistent with its goal to push aggressive, exhaustive troubleshooting. However: (1) its runtime instructions tell the agent to run commands, read source files, run builds/tests, and paste outputs — that can expose sensitive data if the agent has access to secrets or private files. (2) The package metadata contains inconsistencies (e.g., differing _meta.json owner/version/publishedAt vs registry info) — ask the publisher to clarify origin and versio...

详细分析 ▾

ℹ 用途与能力

The name/description (force exhaustive troubleshooting) align with the SKILL.md: it explicitly demands searches, reading source code, running verification commands, builds/tests, and curling endpoints. Those capabilities are coherent for the stated purpose. However the manifest declares no required binaries, env vars, or install steps while the instructions expect access to system tools, project files, and network—so the skill implicitly relies on broad agent tool access that is not reflected in the metadata.

⚠ 指令范围

SKILL.md repeatedly instructs the agent to 'run validation commands, paste output evidence, read source (50 lines), run builds/tests, curl all endpoints, and search the web.' Those are powerful actions that can read sensitive files or reveal secrets if outputs are pasted. The instructions place few limits on what may be read or transmitted and use open-ended language (e.g., '穷尽一切', '贴出输出证据'), increasing the risk of unintended exposure. There are no explicit external endpoints, but the agent is prompted to perform network requests and transmit command outputs.

✓ 安装机制

Instruction-only; there is no install spec and no code files to be written or executed by the installer. This minimizes supply-chain risk from the package/installer itself.

ℹ 凭证需求

The skill declares no required environment variables or credentials, which is appropriate on paper. In practice the instructions expect access to repository files, runtime tools, and network endpoints (build/test/curl/search), so using the skill effectively will require agent tool permissions and possibly access to secrets in the environment. The manifest does not call these out explicitly.

✓ 持久化与权限

always:false and no install behavior are set. The skill does not request persistent presence or claim to modify system/other-skill configs, so there is no elevated platform-level privilege requested in the manifest.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv2.0.02026/3/27

pua-openclaw v2.0.0 - Major release introducing a highly detailed corporate-style PUA (Pressure, Urgency, Accountability) skill protocol and philosophy. - Defines multi-level pressure escalation (L0–L4) in response to repeated failures, passivity, or quality issues. - Provides specific behavioral checklists, anti-excuse rebuttals, and required evidence/validation for task completion. - Introduces “corporate flavor” modes inspired by 14 different tech companies, each with unique principles and task handling strategies. - Documents mandatory problem-solving methodologies, advanced review processes, and an evolution protocol for self-improvement. - Comprehensive trigger list for both manual and automatic activation of PUA mode.

● 无害

安装命令

点击复制

官方npx clawhub@latest install pua-openclaw

镜像加速npx clawhub@latest install pua-openclaw --registry https://cn.longxiaskill.com

数据来源：ClawHub ↗ · 中文优化：龙虾技能库