ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Copilot For Revit Skill

v1.0.1

让 OpenClaw 能够操作 Revit。当用户提及 Revit 相关操作(图纸、标注、视图、元素等)时自动调用。 支持的操作包括: - 检查 Revit 状态 - 列出可用工具 - 执行 Revit 命令(生成图纸、创建标注、查询元素等)

0· 178·0 current·0 all-time
by@ryanchan720
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name and description match the implementation: the skill calls a local openclaw-bridge to talk to a Revit MCP service. The script and SKILL.md expect REVIT_MCP_URL and OPENCLAW_BRIDGE_DIR which are appropriate for this purpose. However the registry metadata earlier said "Required env vars: none" while SKILL.md declares two required env vars — an inconsistency that should be resolved.
!
Instruction Scope
SKILL.md instructs automatic activation on Revit-related keywords and to call the remote Revit MCP service to run commands (including commands that modify or delete elements). The document explicitly warns about destructive operations but the default behavior (automatic activation + no command-execution confirmation by default) risks accidental destructive changes. Instructions do not ask to read unrelated system files or secrets, but they do require network access to a Windows host on port 18181.
Install Mechanism
This is instruction-only with a small helper script; there is no download/install spec. The script invokes the local openclaw-bridge repo via 'uv run' in the configured directory — this is consistent with the stated workflow and doesn't pull arbitrary remote binaries in the skill itself.
Credentials
The only environment/config items used are REVIT_MCP_URL and OPENCLAW_BRIDGE_DIR, which are appropriate and low-privilege (no API keys or secrets requested). The mismatch between registry metadata (which listed no required env vars) and SKILL.md declarations should be fixed so users know what to set.
!
Persistence & Privilege
always:false (good) and model invocation is allowed (normal). However, because the skill is configured to auto-trigger on keywords and can execute modifying commands on a remote Revit instance, autonomous invocation increases the risk of unintended destructive actions. Recommend enabling explicit command-confirmation before making changes and restricting automatic activation.
What to consider before installing
This skill appears to be what it says: it calls a Revit MCP service via a local openclaw-bridge. Before installing, do the following: (1) Verify and set REVIT_MCP_URL and OPENCLAW_BRIDGE_DIR in your environment — the registry metadata currently doesn't list them, so the SKILL.md is the authoritative source. (2) Only use on a trusted network where the Linux host can reach the Windows Revit MCP port. (3) Treat it as potentially destructive: test in a non-production Revit project first and enable any available command-confirmation in OpenClaw. (4) Consider disabling automatic keyword activation or require an explicit 'use Revit' prefix so the agent doesn't run commands accidentally. (5) Inspect and trust the openclaw-bridge code in OPENCLAW_BRIDGE_DIR (it's executed by the script). If you need higher assurance, request the publisher clarify the metadata mismatch and add an explicit confirmation step before commands that modify Revit models.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a30q4p26gv55t0fgj99s6es836ndw
178downloads
0stars
2versions
Updated 2h ago
v1.0.1
MIT-0
@ryanchan720
latest
Download

Copilot for Revit Skill

自动检测 Revit 相关意图,通过 openclaw-bridge 调用远程 Revit MCP 服务。

⚠️ 安全警告

此 skill 可以执行修改 Revit 项目的命令(如删除元素、修改参数、生成图纸等)。

  • 请确保在信任的网络环境中使用
  • 建议先在测试项目中验证
  • 如需命令执行确认,可在 OpenClaw 配置中启用命令确认机制

前置条件

  1. Windows 端已配置好 Copilot for Revit(参考 快速开始指南
  2. Linux 端已安装 openclaw-bridge(git clone https://github.com/ryanchan720/openclaw-bridge
  3. 网络互通:Linux 能访问 Windows 的 18181 端口

配置

环境变量

变量说明默认值
REVIT_MCP_URLRevit MCP 服务地址http://localhost:18181
OPENCLAW_BRIDGE_DIRopenclaw-bridge 仓库路径~/repos/openclaw-bridge

~/.bashrc~/.zshrc 中配置:

export REVIT_MCP_URL="http://192.168.1.100:18181"
export OPENCLAW_BRIDGE_DIR="$HOME/repos/openclaw-bridge"

验证

# 测试连通性
curl $REVIT_MCP_URL/sse

# 或使用 bridge CLI
cd $OPENCLAW_BRIDGE_DIR
uv run python -m openclaw_bridge.cli health

使用方式

自动检测(推荐)

直接在聊天中提及 Revit 相关操作:

用户: Revit 在线吗?
OpenClaw: [自动调用 health 检查]

用户: 帮我看看 Revit 里有哪些可用命令
OpenClaw: [自动调用 tools list]

用户: 帮我在当前视图里创建梁标记
OpenClaw: [自动匹配 TagBeamCommand 并调用]

显式调用

明确指定要使用的工具:

用户: 用 GetEnvInfoCommand 查看一下环境信息
OpenClaw: [调用指定工具]

触发关键词

当用户消息包含以下关键词时自动激活:

  • Revit
  • 图纸 / 标注 / 视图 / 元素
  • 墙 / 门 / 窗 / 梁 / 柱
  • 标高 / 房间
  • 以及从 tools list 动态获取的所有工具名称

错误处理

错误提示
Revit 不在线提示用户启动 Revit 或检查网络
Revit is not ready提示用户打开项目文件
工具不存在列出可用工具供用户选择
参数缺失向用户询问缺失的参数

注意事项

  1. Revit 必须打开项目:大多数命令需要在打开 .rvt 文件后才能执行
  2. 同步执行:当前为同步调用,长耗时命令可能需要等待
  3. 网络依赖:需要 Linux 主机能访问 Windows 的 18181 端口

相关链接

Comments

Loading comments...