📦 Skill Pilot — 智能技能调度
v0.4.6具备环境感知路由、用户偏好与自学习优化的自适应技能调度引擎,可自动挑选最佳技能并动态分配资源,持续提升执行效率。
0· 244·1 当前·1 累计
by 下载技能包
最后更新
2026/4/20
安全扫描
OpenClaw
可疑
medium confidenceThe skill's behavior (importing and running other skills, probing network, and inheriting environment for child processes) mostly matches a scheduler's purpose, but there are notable risks and some misleading assurances about secrets that you should understand before installing.
评估建议
What to consider before installing:
- Trust boundary: SkillPilot loads/imports other skill modules (via importlib) and executes skill scripts. Imported Python modules run in-process (they can execute arbitrary code), and subprocesses inherit the full environment by default. Only install SkillPilot if you trust the other skills present in your workspace.
- Secrets exposure: Although SKILL.md states it does not exfiltrate secrets, the engine inherits environment variables and passes them to chil...详细分析 ▾
ℹ 用途与能力
Name/description (adaptive skill scheduler) align with code: it discovers, ranks, and invokes other skills and records history. The claimed 'zero-intrusion' marketing is overstated: the skill reads other skills under ~/.openclaw/workspace/skills/ and executes them (via importlib or subprocess), which necessarily accesses other skills' files and runs their code. That is functionally necessary but should be considered intrusive relative to the marketing language.
⚠ 指令范围
SKILL.md and code instruct reading the workspace skills directory, saving history/config under ~/.openclaw/workspace/skills/skill-pilot/, probing network (DNS/latency/ports), importing other skills' Python modules, and executing external skill scripts. Importing other skills with importlib executes their code in-process; executing scripts launches child processes. These actions are coherent with a router but expand runtime scope (code execution, network probes) and create a trust boundary that isn't fully constrained by the manifest.
✓ 安装机制
No install spec; this is an instruction-and-code skill that runs from the workspace. That is low-risk from an automatic-install perspective (nothing is downloaded/extracted at install time).
⚠ 凭证需求
SKILL.md lists only a few optional env vars, but the code uses os.environ.copy() and inherits the full process environment for child processes. Passing the full environment to child skills is functionally convenient (so child skills can use their API keys), but it means any high-value secrets present in your environment could be available to invoked child processes. The skill asserts it "Does NOT exfiltrate secrets," but it cannot enforce what third-party child skills do with inherited env vars or what imported modules execute in-process.
✓ 持久化与权限
The skill does not request always:true, does not modify other skills' files in its stated behavior, and confines writes to ~/.openclaw/workspace/skills/skill-pilot/. Recording history/config and updating default-tool settings are expected for a scheduler. This persistence level is proportional to its purpose.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.4.62026/3/17
Skill-pilot v0.4.6 - Added SECURITY_DECLARATION.md to document security practices and behaviors. - Declared required and optional environment variables in SKILL.md, clarifying integration and API dependencies. - Updated security notes: details on file access, network probing, child process execution, and data handling. - Internal config and script updates for improved environment and mode management. - Added package.json for dependency management.
● 无害
安装命令
点击复制官方npx clawhub@latest install skill-pilot
镜像加速npx clawhub@latest install skill-pilot --registry https://cn.longxiaskill.com