Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Adversarial Engine

v1.0.0

Multi-model adversarial engine: a four-model live adversarial debate system. Architect + Engineer + Security Officer + Arbiter collaborate, with code-sandbox verification, vector-retrieval augmentation, and automatic circuit-breaking once the convergence check passes.


Install

OpenClaw Prompt Flow

Best for remote or guided setup. Copy the exact prompt below, then paste it into OpenClaw for timo2026/adversarial-engine.

Install & Setup prompt:
Install the skill "Adversarial Engine" (timo2026/adversarial-engine) from ClawHub.
Skill page: https://clawhub.ai/timo2026/adversarial-engine
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI (bare skill slug):
openclaw skills install adversarial-engine

ClawHub CLI (via npx):
npx clawhub@latest install adversarial-engine
Security Scan

VirusTotal: Suspicious (View report →)
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The code implements the advertised features (multi-role LLM calls, code sandbox, vector search, WebSocket server) so purpose and capability broadly align. However, the implementation embeds a DEFAULT_API_KEY and a BASE_URL for an external LLM service (coding.dashscope.aliyuncs.com) that are not declared in the skill metadata (no required env vars). The SKILL.md's file list (code_sandbox.py, vector_enhancer.py, database.py) does not match the provided filenames, indicating sloppy packaging or stale documentation.
Instruction Scope (flagged)
SKILL.md describes running engine.run_debate and exposing a WebSocket, which matches the code. But the runtime behavior includes: (1) calls to an external LLM API (sending prompts, possibly code and sensitive context) using a hard-coded key; (2) executing model-generated Python via subprocess without strong containment (only timeout + deletion of temp file); (3) reading a local knowledge base path (/home/admin/.openclaw/workspace/kb) and writing a sqlite DB under /home/admin/.openclaw/workspace/data — these side effects are not documented in the skill metadata.
Install Mechanism
There is no install spec (instruction-only), so nothing is pulled automatically at install time. However, the package includes runnable Python code that depends on third-party libraries (requests, aiohttp, fastapi, uvicorn). Because there is no declared install step, users may attempt to run the code in an environment missing these deps. No external download URLs or extract steps are present (lower install risk), but the included code will execute when invoked.
Credentials (flagged)
The skill declares no required environment variables or credentials, yet the code embeds DEFAULT_API_KEY = "sk-sp-..." and will use it to call an external LLM endpoint. It also tries to import a local api_key_manager (if present) to route keys. Asking for no creds while using a hard-coded key is inconsistent and a red flag: the skill will exfiltrate prompts/outputs to a remote service using that embedded key unless replaced. It also reads/writes host paths (kb, DB) without declaring them.
Persistence & Privilege
The skill does not set always:true and doesn't modify other skills. It creates a sqlite database under /home/admin/.openclaw/... and can start an HTTP/WebSocket server bound to 0.0.0.0, which opens a network service and serves files from local paths. Those behaviors give it persistent presence (on-disk DB, listening network port) and potential to expose host files if run on an unrestricted host; this is expected for a server but should be considered when choosing the runtime.
What to consider before installing
Do not run this on a production or sensitive host without review. Specific things to consider before installing or running:
1) Embedded API key: the code contains a DEFAULT_API_KEY and calls an external LLM endpoint — replace the key with your own or remove it; treat the embedded key as compromised.
2) Remote calls: prompts, including any confidential data you supply, will be sent to the external service (coding.dashscope.aliyuncs.com) by default.
3) Code execution: the 'sandbox' runs model-generated Python via subprocess with only a timeout and temp-file deletion — this is not a secure sandbox (no namespace isolation, no seccomp, no chroot). Run inside an isolated container or VM, or harden the sandbox.
4) File and network exposure: the server serves files from /home/admin paths and opens a network port (0.0.0.0) — this can expose local files; restrict binding or firewall appropriately.
5) Missing/declarative inconsistencies: SKILL.md filenames differ from the packaged files and no dependencies or env vars are declared — expect to manually install requirements.
Recommended steps: run in an isolated disposable container, audit and remove the hard-coded key, configure a trusted key router or your own API key via a secure env var, restrict network access to the server, and review any local knowledge base files that the skill will read. If you lack the ability to safely sandbox or review the code, avoid installing or invoking this skill.


latest: vk979n85dc566cca5t0mrmgkkt184qyzt
71 downloads
0 stars
1 version
Updated 2w ago
v1.0.0
License: MIT-0

Multi-Model Adversarial Engine v2.0

Core Capabilities

Capability | Description
🎭 Four-model debate | Architect / Engineer / Security Officer / Arbiter genuinely collaborate
🔧 Code sandbox | Code generated by the Engineer is executed and verified in Python
📚 Vector retrieval | The knowledge base is queried before each dialogue to avoid fabricated data
⚖️ Convergence judgment | The Arbiter decides dynamically, avoiding infinite loops
🔄 Resume from checkpoint | A debate can be resumed after an interruption
📡 WebSocket | Debate progress is pushed in real time

Four-Model Configuration

Role | Model | Responsibility
🏗️ Architect | qwen3.5-plus | Solution generation
🔧 Engineer | qwen3-coder-plus | Code implementation + verification
🔍 Security Officer | kimi-k2.5 | Attacking vulnerabilities
✅ Arbiter | MiniMax-M2.5 | Convergence judgment

Execution Flow

User input
    ↓
[1] Vector retrieval → knowledge-base augmentation
    ↓
[2] Architect → proposes a solution
    ↓
[3] Engineer → generates code → executed in the Python sandbox
    ↓
[4] Security Officer → attacks vulnerabilities
    ↓
[5] Arbiter → convergence judgment
    ↓
[6] Not converged → return to [2] and continue
    ↓ converged
[7] Save conclusion → persist to knowledge base

API

Start a debate

from adversarial_engine import AdversarialEngine

engine = AdversarialEngine()
session = engine.run_debate(
    topic="如何设计高并发CNC报价系统?",
    max_rounds=5,
    enable_code_sandbox=True,
    enable_vector_search=True
)

WebSocket real-time push

ws://host:8083/ws
→ pushes each round's debate content in real time

File Structure

adversarial-engine/
├── SKILL.md           # this file
├── engine.py          # core engine
├── code_sandbox.py    # Python sandbox
├── vector_enhancer.py # vector-retrieval augmentation
├── ws_server.py       # WebSocket server
└── database.py        # data persistence

🦫 Beaver | reliable, gets things done, on the ball
