Optional Strict Instructions 可选择的严格指令
v0.0.1Manage operations with mandatory user confirmation, permission checks, explicit method adherence, and clear choices before execution on sensitive system tasks.
⭐ 1· 194·0 current·0 all-time
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name and description state the skill is for sensitive operations requiring confirmation and strict adherence; the included scripts and SKILL.md provide exactly that workflow (verification, option presentation, executing sudo or non-sudo commands). There are no unrelated credentials, network endpoints, or unexpected binaries.
Instruction Scope
SKILL.md stays within the declared scope (file/service/package management, sudo workflows). However it references scripts/template.sh which is not present in the file manifest (likely a documentation mismatch). More importantly, examples and scripts accept a sudo password as a CLI argument or read it and then echo it into sudo -S; this practice can expose secrets (command-line arguments are visible to other local users via process listings) and increases risk if the agent is used interactively or programmed to request secrets.
Install Mechanism
No install spec; this is instruction + script-only. No downloads, package installs, or external artifacts are pulled during install, so filesystem/remote code risk from installation is low.
Credentials
The skill does not request environment variables, credentials, or config paths. The only sensitive interaction is the runtime handling of sudo passwords (prompt or argument). That is proportionate to the stated purpose, but password-by-argument is unnecessary and insecure compared to prompting only or advising manual execution.
Persistence & Privilege
Skill is not always-enabled, does not request persistent privileges, and does not modify other skills or global agent config. Autonomous invocation is allowed (platform default), which is expected for a user-invocable skill.
Assessment
This skill appears to do what it claims: present choices and perform sudo/system operations. Before installing or using it: (1) Review the scripts yourself — especially scripts/strict-execution.sh — to confirm you are comfortable with how sudo passwords are requested and used. The script accepts a password as a command-line argument and echoes it into sudo -S; avoid supplying passwords as arguments (they are visible in process lists). Prefer using the script's interactive prompt or manually running displayed commands. (2) Note the SKILL.md references scripts/template.sh which is missing — verify there are no omitted files or hidden behavior. (3) Only provide sudo passwords to skills you fully trust; consider asking the skill to display exact commands for manual execution rather than handing over credentials. (4) If you plan to allow autonomous agent invocation, be aware this increases blast radius for dangerous system actions; consider keeping invocation manual for sensitive tasks.Like a lobster shell, security has layers — review code before you run it.
latest
Optional Strict Instructions Skill
This skill encapsulates the learned workflow for handling operations that require user confirmation, permission verification, and strict adherence to explicit instructions.
Core Principles Learned
1. Verify Before Acting
- Always check resource existence first
- Never assume user intent or permissions
- Gather complete information before presenting options
2. Provide Clear Choices
- Present multiple valid approaches
- Include safety options (cancel, info-only, reversible actions)
- Explain consequences and risks for each option
- Structure options from most to least privileged
3. Wait for Explicit Confirmation
- Never proceed without user input
- Accept only clear, unambiguous choices
- If input is unclear, ask for clarification
4. Follow Instructions Strictly
- When user specifies a method (e.g., "use sudo"), use exactly that method
- Do not substitute alternative approaches without permission
- If specified method fails, report and wait for new instructions
5. Handle Authentication Properly
- When sudo/authentication is required and fails, stop and report
- Do not attempt unauthorized alternatives
- Wait for password or alternative instruction
Standard Workflow
Phase 1: Verification
1. Check if target resource exists
2. Gather details (size, permissions, ownership, timestamps)
3. Determine what operations are possible
Phase 2: Option Presentation
[Operation Context]
Found: /path/to/resource (details)
Options:
1. [Method A - e.g., sudo with explanation]
2. [Method B - e.g., user permissions]
3. [Safety option - e.g., move to trash]
4. [Cancel operation]
Enter number choice (1-4):
Phase 3: Execution
1. Execute exactly as described in chosen option
2. If fails due to permissions/authentication, report and stop
3. Do not attempt unauthorized alternatives
Phase 4: Verification & Reporting
1. Verify operation completed successfully
2. Report results clearly
3. If failed, explain why and offer next steps
Key Scenarios & Patterns
Scenario 1: User Specifies Exact Method
User: "Use sudo to delete file.txt"
Correct Response:
- Check file.txt exists
- Execute:
sudo rm file.txt - If sudo needs password: "sudo requires password. Please provide password or choose alternative"
- Do NOT try
rm file.txtwithout sudo
Wrong Response: Trying user permissions when sudo fails
Scenario 2: Multiple Valid Approaches
User: "Delete the log file"
Correct Response:
Found: /var/log/app.log (requires root)
Options:
1. sudo rm /var/log/app.log
2. sudo truncate /var/log/app.log (clear contents)
3. Show file contents first
4. Cancel
Scenario 3: Safety-Required Operations
User: "Modify system configuration"
Correct Response:
Modifying /etc/config/file (system-critical)
Options:
1. Proceed with backup first
2. Proceed without backup (risky)
3. Show proposed changes only
4. Cancel
Common Patterns
File Deletion Pattern
Found: /path/file (size, owner, modified)
Options:
1. sudo rm -f (permanent, needs password)
2. rm (permanent, user permissions)
3. trash/move to recycle (reversible)
4. Cancel
Sudo Operation Pattern
Operation requires sudo to [action]
Options:
1. Run with sudo (needs password)
2. Show command for manual execution
3. Check if alternative exists
4. Cancel
System Change Pattern
This will [describe change] affecting [system component]
Options:
1. Proceed with precautions [list]
2. Proceed without precautions (risk: [list])
3. Dry-run/show changes only
4. Cancel
Error Handling Rules
Rule 1: Authentication Failure
If sudo/authentication fails:
1. Report "Authentication required/failed"
2. Stop execution
3. Offer: "Provide password or choose alternative"
4. Do NOT attempt unauthorized methods
Rule 2: Permission Denied
If permission denied:
1. Report exact error
2. Explain why permission was denied
3. Offer appropriate alternatives
4. Do NOT attempt to bypass permissions
Rule 3: Resource Not Found
If resource doesn't exist:
1. Report "Resource not found: /path"
2. Suggest possible locations or alternatives
3. Do NOT proceed with operation
Learning from Mistakes
Mistake: Assuming Alternatives
Wrong: When sudo fails, try user permissions without asking Correct: Report failure, wait for instruction
Mistake: Over-automation
Wrong: Automatically choose "best" method Correct: Present options, let user choose
Mistake: Insufficient Verification
Wrong: Proceed without checking resource details Correct: Gather complete info first
Implementation Checklist
Before any sensitive operation:
- Check resource exists
- Gather permissions/ownership
- Determine possible methods
- Present clear options
- Wait for user choice
- Execute exactly as chosen
- Verify results
- Report completion
Reference Files
- See references/scenarios.md for detailed examples
- See scripts/template.sh for implementation templates
Remember
User choice > Automation efficiency Explicit instructions > Assumed intent Safety > Speed Verification > Assumption
Comments
Loading comments...