ClawHub

Tool Permission Manager

v1.0.0

工具分级授权 - 细粒度管理每个工具的使用权限

0· 7·0 current·0 all-time
by@soroyue
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (tool permission management) match the SKILL.md contents. The declared requirements (no env vars, no binaries, no install) are appropriate for a purely instructional policy.
Instruction Scope
SKILL.md provides a simple mapping of tools to four permission levels and says the agent should auto-classify tools and allow user commands like “授权XXX工具” to change permissions. The instructions are high-level and do not direct the agent to read unrelated files, credentials, or external endpoints, but they are vague about how decisions are made, logged, or enforced.
Install Mechanism
No install spec and no code files — lowest-risk delivery. The skill will not write new binaries or download archives.
Credentials
The skill requests no environment variables, credentials, or config paths; the declared requirements are minimal and proportionate to an instruction-only policy.
Persistence & Privilege
always is false and autonomous invocation is allowed (the platform default). The SKILL.md implies the agent can change tool permissions dynamically, but it does not describe persistence, audit, or how those changes interact with platform-level enforcement — this is a behavioral/design ambiguity rather than a direct privilege request.
Assessment
This skill is a short, coherent policy that maps specific tool names to permission levels and does not request credentials or install code. Before installing, ask the author: (1) how are permission changes enforced and persisted (is there a config file or platform API used?), (2) where are changes logged and who can review/audit them, (3) how does it interact with platform-enforced forbidden tools (e.g., will it actually prevent use of gateway/delete or just suggest it), and (4) can you provide more precise rules for ambiguous tools. If you rely on this for security, test it in a safe environment and require explicit confirmation for any actions that might enable powerful tools (exec, write, delete, gateway).

Like a lobster shell, security has layers — review code before you run it.

latestvk9766kjte7p8fbdp1y185ybpx5844dyp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Tool Permission Manager - 工具权限管理器

功能

对每个工具进行细粒度授权管理,控制谁能使用什么工具。

权限等级

1. 公开(Public)

无需确认,直接使用

工具说明
read读取文件
web_search网络搜索
笔记相关读写笔记

2. 警告(Warning)

使用前显示警告

工具说明
exec执行命令
write写入文件

3. 审批(Approval)

使用前需确认

工具说明
message发送消息
cron定时任务
sessions会话管理

4. 禁止(Forbidden)

不可使用

工具说明
gateway网关配置
delete删除文件

权限配置

{
  "public": ["read", "web_search"],
  "warning": ["exec", "write"],
  "approval": ["message", "cron"],
  "forbidden": ["gateway", "delete"]
}

使用方式

自动根据工具类型判断权限等级。 用户可通过"授权XXX工具"动态调整权限。

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…