Security Scan
OpenClaw
Suspicious
Medium confidence: the skill's SKILL.md describes a CLI that requires Node.js and the SKB_BASE_URL environment variable, reads and writes ~/.skill-base/config.json, and uses a PAT for publishing, but the registry metadata declares no required binaries, environment variables, or configuration, so the package metadata and the runtime instructions are inconsistent.
Assessment recommendation
This SKILL.md looks like legitimate CLI documentation, but the registry metadata omits important runtime requirements. Before installing or following the agent's actions: (1) confirm you have Node.js >= 18 and trust the npm package source; (2) note that `skb login` creates and stores a PAT in ~/.skill-base/config.json, and do not paste that PAT into chat; (3) before publishing, verify that SKB_BASE_URL points to a trusted Skill Base server, since publishing uploads your skill folder to that server; (4) ask the publisher/maintainer to update the registry metadata to declare the required binary (Node.js), the SKB_BASE_URL environment variable, and the config path. If you are not comfortable with the CLI installing packages or storing tokens, do not proceed.
ℹ Purpose and capabilities
SKILL.md describes an official CLI (skb) for searching, installing, publishing, and importing skills, which matches the skill name and description. However, the runtime documentation requires Node.js >= 18 and recommends npm/npx, while the registry metadata lists no required binaries. This mismatch is unexpected (the CLI does require Node.js).
✓ Instruction scope
The instructions focus on CLI usage: search/install/update/publish, configuring SKB_BASE_URL, and the login flow. They direct the agent to run terminal commands and to read and write ~/.skill-base/config.json (local install records and the stored PAT). There are no instructions to read unrelated system files or exfiltrate data, but publish/import uploads folder contents to the configured server, which is a sensitive operation the user must approve.
ℹ Installation mechanism
This is an instruction-only skill (no install spec). SKILL.md tells the user to run `npm install -g skill-base-cli` or to use `npx`. These are reasonable deployment options for a Node CLI, but the missing install spec in the registry metadata is an omission. Also note that running `npm install -g` executes third-party code on the user's machine; this is normal for a CLI but carries the usual npm risks.
⚠ Credential requirements
The README references the environment variable SKB_BASE_URL and the config path ~/.skill-base/config.json (which will store auth/PAT and install records). The registry metadata declares no required environment variables or config paths, which is inconsistent. When the user runs `skb login`, the skill causes a token/PAT to be created and stored locally, and on publish it sends skill files to the configured server; these behaviors are expected for a CLI but are sensitive and should be declared explicitly.
ℹ Persistence and permissions
The skill does not request always:true and does not modify other skills. It will cause the CLI to create and update files under the user's home directory (~/.skill-base/) and may install skills into local or IDE directories. This is normal for a CLI, but it means the skill can persist data (config and tokens) on the host.
Security has layers; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/4/14
skill-base-cli 1.0.0
- Initial release of the official Skill Base CLI client.
- Search, install, update, publish, and import skills using the `skb` command.
- Includes authentication and configuration features, supporting both public and privately deployed Skill Base sites.
- Detailed command usage and troubleshooting guidance provided in SKILL.md.
- Supports import from public GitHub repositories, with authentication required for publishing and imports.
● Suspicious
Install command
Official: npx clawhub@latest install skill-base-cli
Mirror (accelerated): npx clawhub@latest install skill-base-cli --registry https://cn.longxiaskill.com
Skill documentation
Assistants should complete operations by running terminal commands. The package name is `skill-base-cli`; the command is `skb` after installation.
When to Use This Skill
- Users request to search, install, update, or publish specific skills using the `skb` command.
- Users need to configure the client connection address (`skb init`) or log in (`skb login`).
- Users want to search, install, update, or publish Skills to a privately deployed Skill Base site.
When NOT to Use This Skill
- Users want to deploy, start, or maintain the Skill Base server itself (use `skill-base-web-deploy` instead).
Environment
- Node.js >= 18
- Installation: `npm install -g skill-base-cli`, or `npx skill-base-cli`
- Server address: the environment variable `SKB_BASE_URL` takes priority; otherwise it is read from `~/.skill-base/config.json`; the default is `http://127.0.0.1:8000`
- Set and save: `skb init --server` (do not include `/api`)
Login and Authentication Rules (Important)
- No login required: `search`, `install`, `update`, `init` and other regular read operations usually do not require login. Assistants should not proactively ask users to log in before these operations.
- Login required: `skb publish` must be logged in.
- Login flow (`skb login`):
  1. Run `skb login` in the terminal.
  2. The console will output a login page URL containing `from=cli`; open the login page in a browser.
  3. After successful web login, a verification code (in the format XXXX-XXXX) will be provided.
  4. Enter the verification code in the terminal to exchange it for a PAT.
- Logout: `skb logout`.
Search and Install
```
skb search
skb install        # Latest version
skb install @      # Specific version, e.g., v20260327.161122
skb install -d
```
Optional: install to an IDE's skill directory, e.g., `skb install -i cursor`; use `-g` for global installation (supported by some IDEs only).
Update Installed Skills
```
skb update
skb update -d
skb list
skb ls
```
- `skb install` records the local install path, version, and timestamp in `~/.skill-base/config.json`.
- `skb list` / `skb ls` list all locally recorded skills, then let the user choose one to update, delete its local files, or clear its config record.
- `skb update` first shows the available versions with changelog and uploader, then lets the user multi-select one or more recorded install directories to update together.
- `skb update -d` still works as an explicit one-off update for /
Publish
- The skill name must pass `/^[\w-]+$/` validation, e.g., skill-base-cli
- Prepare the content in a folder named after the skill; the root directory must contain `SKILL.md`
- Recommended: use frontmatter in SKILL.md to mark `name` and `description` as the skill name and description
- If the SKILL.md frontmatter has a `name` field, it must match the folder name
- If no frontmatter is used: the folder name is the skill name; the first paragraph of non-`#` text under the title is the skill description (can be overridden with `--description`)
- Execute in the skill directory: `skb publish`; or execute from any location: `skb publish`
- Common usage: `skb publish --changelog "description"`
- After publishing, describe the result to the user in 2 sentences; no need to be verbose
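The naming and description rules above are easy to get wrong before an upload, so here is an added pre-publish check (example code, not part of SKILL.md or the skill-base-cli project). It assumes a simple `key: value` frontmatter block delimited by `---` lines; the `preflight` and `parse_frontmatter` names are hypothetical.

```python
import re
from pathlib import Path

# The validation rule quoted in the Publish section.
NAME_RE = re.compile(r"^[\w-]+$")

def parse_frontmatter(text):
    """Return (frontmatter dict, body) for a '---'-delimited header.
    Assumption: only simple 'key: value' lines, so no YAML library is needed."""
    if not text.startswith("---\n"):
        return {}, text
    end = text.find("\n---", 4)
    if end == -1:
        return {}, text
    meta = {}
    for line in text[4:end].splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            meta[key.strip()] = value.strip().strip('"').strip("'")
    return meta, text[end + 4:]

def first_paragraph(body):
    """Description fallback: the first non-'#' paragraph under the title."""
    for para in (p.strip() for p in body.split("\n\n")):
        if para and not para.startswith("#"):
            return " ".join(para.split())
    return ""

def preflight(skill_dir, skill_md):
    """Apply the publish rules to a folder path and its SKILL.md text.
    Returns (ok, problems, resolved_name, resolved_description)."""
    folder = Path(skill_dir).name
    meta, body = parse_frontmatter(skill_md)
    problems = []
    if not NAME_RE.match(folder):
        problems.append(f"folder name {folder!r} fails /^[\\w-]+$/")
    if "name" in meta and meta["name"] != folder:
        problems.append(f"frontmatter name {meta['name']!r} != folder {folder!r}")
    description = meta.get("description") or first_paragraph(body)
    if not description:
        problems.append("no description: add frontmatter or a paragraph under the title")
    return (not problems, problems, meta.get("name", folder), description)
```

Run it on the skill folder before `skb publish`; a non-empty problem list means the server-side validation described above would reject the upload anyway.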
Import from GitHub (public repos, skill-base login required)
- `skb import-github owner/repo` or `skb import https://github.com/owner/repo`, e.g. `https://github.com/anthropics/skills/tree/main/skills/pdf`
- Same auth as publish (`skb login`)
- Options: `--ref`, `--subpath`, `--target`, `--changelog`, `--dry-run` (preview JSON only)
- The server downloads the repo archive; private repos are not supported
Troubleshooting Failures
- First confirm `SKB_BASE_URL` points to the instance the user wants to use; skill-base can be deployed internally and ports can be changed, so verify the address is correct
- If the user deployed skill-base on a server, most servers need inbound/outbound port configuration to be reachable; users should check whether the address opens in the browser
- Check whether it is a network issue; ping/telnet can be used to confirm
- Publish failure: first `skb login`; then verify `SKB_BASE_URL`, that the folder name and frontmatter `name` are consistent and match `[\w-]+`, and check `SKILL.md` and the network
- Install failure: use `skb search` to verify `skill_id`; when unsure of the version, use `skb install` to install the latest