首页 / 技能 / Quick Test — 环境验证

📦 Quick Test — 环境验证

v1.0.0

在 OpenClaw 环境中快速执行基础系统命令,验证 Python 状态、当前目录、文件读写与命令执行,便于调试与配置确认。

0· 727·1 当前·1 累计
gustavoziaugra 头像by @gustavoziaugra (GustavoZiaugra)
系统工具测试工具开发工具
下载技能包
最后更新
2026/4/22
0
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
high confidence
NULL
评估建议
This appears to be a simple environment-check tool but it has mismatches and risky patterns. Before running it: (1) Review the Python script locally — do not run it in a production account or with sensitive environment variables present. (2) Fix or inspect subprocess usage: either use subprocess.run([...], shell=False) with argument lists or pass a single shell string if you intentionally want shell parsing; avoid shell=True if you accept untrusted input. (3) Remove or be careful with commands t...
详细分析 ▾
用途与能力
The SKILL.md advertises CLI flags (--test, --command, --quiet) and additional scripts (scripts/tests.py, scripts/system_check.py) that are not present or not implemented in the included run_tests.py. The description (verify Python, working dir, file access) matches the general behavior, but the advertised features and files do not line up with the shipped code.
指令范围
The instructions explicitly encourage running environment-inspecting commands such as `env | head -10` and arbitrary custom commands. That is reasonable for a debugging tool, but it also means the skill will print environment variables and file listings (possible secret leakage). The SKILL.md suggests user-supplied commands, but the provided run_tests.py lacks CLI parsing for those options — an inconsistency that could lead a user to run other, unintended commands locally.
安装机制
There is no install spec (instruction-only skill with an included script). That is low risk from an installer perspective — nothing is automatically downloaded or written during install. The user must clone/run the repository manually.
凭证需求
The skill requests no credentials, which is appropriate. However, it reads and prints environment variables and lists a hard-coded path (/home/zig/.openclaw/workspace) and writes to /tmp/quick_test.txt. Reading env and filesystem is consistent with an environment tester but can expose secrets; the hard-coded paths suggest the script is tailored to a specific account and may reveal or operate on data it shouldn't.
持久化与权限
The skill does not request persistent inclusion (always:false) and does not modify agent configurations. It only contains a script the user must run; it does not request special privileges or persistence.
安全有层次,运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/2/14

NULL

可疑

安装命令

点击复制
官方npx clawhub@latest install quick-test
镜像加速npx clawhub@latest install quick-test --registry https://cn.longxiaskill.com
数据来源ClawHub ↗ · 中文优化:龙虾技能库