首页 / 技能 / Signet Guardian — 支付守护

📦 Signet Guardian — 支付守护

v0.1.0

为 AI 智能体提供的支付前置守护中间件:在调用任何支付相关技能前,依据用户策略(是否启用支付、单笔限额、月度总额)执行预检,返回 ALLOW/DENY/CONFIRM_REQUIRED 三种结果,确保支付安全合规。

0· 782·0 当前·0 累计
rafalzacher1 头像by @rafalzacher1
安全智能体工作流自动化API工具
下载技能包
最后更新
2026/4/22
0
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
安全
high confidence
NULL
评估建议
This skill appears to do what it says: local preflight checks, ledger recording, and optional dashboard policy UI. Before installing, do the following: (1) review scripts/signet-cli.ts (and the migrate/edit code path) so you understand exactly how it reads/writes ~/.openclaw/openclaw.json and the references/ ledger; back up your OpenClaw config first; (2) be aware that denied attempts are appended to a local ledger that will contain payee, amount, and purpose — this is stored locally (no network...
详细分析 ▾
用途与能力
Name and description (payment preflight, record, report, policy) align with included CLI and extension files. The skill only needs local config/refs and registers a config schema for the OpenClaw dashboard; it does not request unrelated cloud credentials or external services.
指令范围
Runtime instructions and CLI implement preflight, record, report and policy edit/migrate as described. The CLI reads the OpenClaw config file (path from OPENCLAW_CONFIG_PATH or default ~/.openclaw/openclaw.json) and falls back to references/policy.json; it appends ledger lines and logs DENY events. The policy-migrate/edit commands will read and (likely) write the OpenClaw config — review code/path handling before running to avoid accidental config overwrites. It does not perform outbound network requests.
安装机制
No install spec; this is instruction/CLI code you run locally. Dependencies are standard npm packages (prompts, tsx) declared in package.json and lockfile. There are no downloads from arbitrary URLs or extracted archives.
凭证需求
Skill declares no required env vars or credentials. It legitimately uses OPENCLAW_BASE_DIR / OPENCLAW_SKILL_DIR / OPENCLAW_CONFIG_PATH to find policy and ledger files; that is proportional to its purpose. Note: the CLI reads the whole OpenClaw config file (to find signet.policy), which could contain other settings — the skill does not send them anywhere but will access them locally.
持久化与权限
Does not request always:true and is not force-included. It writes only to its references directory and to OpenClaw config when migrating policy or when installed as an extension (the extension registers a schema). Ledger and lock files are local and expected for its function.
安全有层次,运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv0.1.02026/2/12

NULL

可疑

安装命令

点击复制
官方npx clawhub@latest install signet-guardian
镜像加速npx clawhub@latest install signet-guardian --registry https://cn.longxiaskill.com
数据来源ClawHub ↗ · 中文优化:龙虾技能库