ClawHub

play_minecraft

v1.0.0

通过 Mindcraft HTTP API 控制 Minecraft Bot(无内置 LLM)。当用户提到 OpenClaw、外部 agent、REST 接口控制、读取状态、执行动作、批量任务编排时使用。

0· 234·0 current·0 all-time
by@songjc0511
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name (play_minecraft) and description reference controlling a Minecraft/Mindcraft bot via a Mindcraft HTTP API; the runtime instructions consistently target a local HTTP API (http://localhost:8080) and require running node main.js and checking settings.js. This is coherent overall, though there's a small naming/terminology mismatch (Minecraft vs Mindcraft) and the skill implicitly assumes you have or will run the Mindcraft server code (main.js/settings.js) which the skill package does not provide.
Instruction Scope
SKILL.md confines actions to querying and posting to the local REST API (/api/v1/agents, /state, /actions/schema, /actions/execute) and to local checks (running node main.js, verifying settings.js). It does not instruct reading unrelated system files or calling external endpoints. It does ask callers to log requests/responses and state snapshots (reasonable for debugging) — be cautious about where those logs are stored or transmitted.
Install Mechanism
No install spec and no code files are included in the skill bundle (instruction-only), so nothing will be written or downloaded by the skill itself. Lowest-risk install profile.
Credentials
The skill declares no required environment variables, binaries, or credentials and only expects access to a local HTTP API and possibly local files (main.js, settings.js). The requested access is proportional to the documented purpose.
Persistence & Privilege
always is false and model invocation is not disabled (normal). The skill does not request persistent privileges or modify other skills or system-wide settings.
Assessment
This skill is an instruction-only adapter for a local Mindcraft HTTP API — it does not include the server code. Before using: (1) verify the source and integrity of the Mindcraft server (main.js/settings.js) you will run; do not run untrusted Node.js code; (2) ensure the API endpoint is indeed localhost and not pointed at a remote host you don't control; (3) confirm logging of request/response/state snapshots is stored securely and not exfiltrated; (4) note the name mismatch (play_minecraft vs Mindcraft) and confirm this is the intended server; and (5) if you plan to expose the API beyond your machine, review authentication and network protections first.

Like a lobster shell, security has layers — review code before you run it.

latestvk979yqb8bwtr8ggvp2s5z37hj582y3sh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments