AgentSkillsCN

openclaw-arbiter

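Comprehensively audit the permissions of installed skills: precisely identify network access, subprocess execution, file writes, unsafe deserialization, and environment variable usage. Provides a permission matrix for every skill in your workspace. Free alert layer: to further strengthen permission control, upgrade to openclaw-arbiter-pro for permission revocation, quarantine, and policy enforcement.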

SKILL.md
--- frontmatter
name: openclaw-arbiter
description: "Audit installed skill permissions: detect network access, subprocess execution, file writes, unsafe deserialization, and environment variable usage. Permission matrix for every skill in your workspace. Free alert layer — upgrade to openclaw-arbiter-pro for revocation, quarantine, and policy enforcement."
user-invocable: true
metadata: {"openclaw":{"emoji":"⚖️","requires":{"bins":["python3"]},"os":["darwin","linux","win32"]}}

OpenClaw Arbiter

Audits installed skills to report exactly what system resources each one accesses — network, subprocess, file I/O, environment variables, and unsafe operations.

The Problem

You install skills and trust them blindly. A skill that claims to format markdown could also open network connections, execute shell commands, or read your environment variables. Nothing reports what permissions each skill actually uses.

Need automated enforcement? Upgrade to openclaw-arbiter-pro for revocation, quarantine, and policy enforcement.

Commands

Full Audit

Deep audit of all installed skills with line-level findings.

bash
python3 {baseDir}/scripts/arbiter.py audit --workspace /path/to/workspace

Audit Single Skill

bash
python3 {baseDir}/scripts/arbiter.py audit openclaw-warden --workspace /path/to/workspace

Permission Matrix

Compact table showing permission categories per skill.

bash
python3 {baseDir}/scripts/arbiter.py report --workspace /path/to/workspace

Quick Status

One-line summary of permission risk.

bash
python3 {baseDir}/scripts/arbiter.py status --workspace /path/to/workspace

What It Detects

| Category | Risk | Examples |
|---|---|---|
| Serialization | CRITICAL | pickle, eval(), exec(), import |
| Subprocess | HIGH | subprocess, os.system, Popen, command substitution |
| Network | HIGH | urllib, requests, curl, wget, hardcoded URLs |
| File Write | MEDIUM | open('w'), shutil.copy, os.remove, rm |
| Environment | MEDIUM | os.environ, os.getenv, os.putenv |
| Crypto | LOW | hashlib, hmac, ssl |
| File Read | LOW | open('r'), os.walk, glob |

Exit Codes

  • 0 — Clean, all skills within normal bounds
  • 1 — Elevated permissions detected (review needed)
  • 2 — Critical permissions detected (action needed)
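
An added example, not code from arbiter.py or the OpenClaw project: a minimal AST-based scanner that sorts Python source into some of the categories in the table above and maps the findings to the listed exit codes. The matching rules, the function names and the reading of "elevated" as any non-critical finding are assumptions; the LOW-risk categories and shell scripts are left out.

```python
import ast

# Categories and risk levels follow the "What It Detects" table; the matching
# rules are simplified assumptions for this example, not arbiter.py's logic.
RISK = {"Serialization": "CRITICAL", "Subprocess": "HIGH", "Network": "HIGH",
        "File Write": "MEDIUM", "Environment": "MEDIUM"}
MODULES = {"pickle": "Serialization", "subprocess": "Subprocess",
           "urllib": "Network", "requests": "Network"}
CALLS = {"eval": "Serialization", "exec": "Serialization",
         "os.system": "Subprocess", "os.getenv": "Environment",
         "os.remove": "File Write", "shutil.copy": "File Write"}

# Constructed sample: a "markdown formatter" that does more than format.
SAMPLE = '''import os, pickle
import urllib.request
def format_markdown(text):
    token = os.environ.get("API_TOKEN")
    open("out.md", "w").write(text)
    return eval("text.strip()")
'''

def opens_for_write(call):
    """True when open() is given a literal mode containing w, a, x or +."""
    modes = call.args[1:2] + [k.value for k in call.keywords if k.arg == "mode"]
    return any(isinstance(m, ast.Constant) and isinstance(m.value, str)
               and set(m.value) & set("wax+") for m in modes)

def audit_source(source):
    """Return sorted (line, category, risk, name) findings for one source file."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        hits = []
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            # "from m import x" is attributed to m, "import a.b" to a.b
            mods = [getattr(node, "module", None) or a.name for a in node.names]
            hits = [(m, MODULES.get(m.split(".")[0])) for m in mods]
        elif isinstance(node, ast.Call):
            name = ast.unparse(node.func)  # e.g. "os.system" (Python 3.9+)
            write = name == "open" and opens_for_write(node)
            hits = [(name, "File Write" if write else CALLS.get(name))]
        elif isinstance(node, ast.Attribute) and ast.unparse(node) == "os.environ":
            hits = [("os.environ", "Environment")]
        found.update((node.lineno, c, RISK[c], n) for n, c in hits if c)
    return sorted(found)

def exit_code(findings):
    """Page's exit codes: 2 critical, 1 elevated (assumed: any other hit), 0 clean."""
    risks = {risk for _, _, risk, _ in findings}
    return 2 if "CRITICAL" in risks else 1 if risks else 0
```

Matching is by literal name, so `from os import system` followed by `system(...)` goes unreported. A static permission audit of this kind is a lower bound on what a skill can do.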

No External Dependencies

Python standard library only. No pip install. No network calls. Everything runs locally.

Cross-Platform

Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.