首页龙虾技能列表 › Authentication — 技能工具

Authentication — 技能工具

v1.0.0

[自动翻译] Proving identity: sessions, tokens, MFA, recovery. Use when implementing login, token refresh, or auth bugs.

0· 134·1 当前·1 累计
by @codenova58·MIT-0
下载技能包
License
MIT-0
最后更新
2026/3/27
安全扫描
VirusTotal
无害
查看报告
OpenClaw
安全
high confidence
This is an instruction-only guidance skill for authentication design and review; its declared requirements and runtime instructions are consistent with that purpose and do not request extra access or installs.
评估建议
This skill is a coherent, low-risk guidance workflow for authentication work. It's safe to install from a permissions perspective because it asks for no credentials and performs no installs. When using it, avoid pasting real secrets or production credentials into chat; provide redacted or mocked examples instead. If the skill suggests configuration or code changes, review them before applying in production and run tests/canaries as recommended by the workflow.
详细分析 ▾
用途与能力
Name and description (sessions, tokens, MFA, recovery) match the SKILL.md content. The skill is purely procedural guidance and does not request credentials, binaries, or platform-specific access that would be unnecessary for its stated purpose.
指令范围
The SKILL.md confines itself to asking questions, proposing a four-stage workflow, checklists, and concrete recommendations. It does not instruct the agent to read files, access secrets, or call external endpoints. It asks for context (environment, scale) but does not demand sensitive data.
安装机制
No install spec and no code files — instruction-only. Nothing will be written to disk or downloaded by the skill itself, which minimizes installation risk.
凭证需求
No environment variables, credentials, or config paths are requested. The guidance mentions asking for contextual information (scale, environment) but does not require secrets or platform keys.
持久化与权限
always is false and the skill is user-invocable; model invocation is allowed (the platform default). The skill does not request persistent or elevated privileges or modify other skills/configurations.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/27

authentication skill v1.0.0 – Initial release - Provides a structured, stage-based workflow for authentication tasks: context clarification, planning, implementation/validation, and operation. - Emphasizes actionable steps, verification, and risk/trade-off awareness throughout authentication work. - Offers procedural guidance covering sessions, tokens, MFA, and recovery scenarios. - Includes a checklist to ensure completeness, quality, and clear communication. - Flexibly adapts to users preferring either structured workflow or freeform help.

● 无害

安装命令 点击复制

官方npx clawhub@latest install authentication
镜像加速npx clawhub@latest install authentication --registry https://cn.clawhub-mirror.com

技能文档

This skill provides structured guidance for Authentication work. Act as an active guide: confirm triggers, propose the stages below, and adapt if the user wants a lighter pass.

When to Offer This Workflow

Trigger conditions:

  • User mentions authentication or closely related work
  • They want a structured workflow rather than ad-hoc tips
  • They are preparing a review, rollout, or stakeholder communication

Initial offer: Explain the four stages briefly and ask whether to follow this workflow or work freeform. If they decline, continue in their preferred style.

Workflow Stages

Stage 1: Clarify context & goals

Anchor on threat model: sessions vs tokens. Ask what success looks like, constraints, and what must not break. Capture unknowns early.

Stage 2: Design or plan the approach

Translate goals into a concrete plan around passwords, MFA, and recovery. Compare alternatives and explicit trade-offs; avoid implicit assumptions.

Stage 3: Implement, validate, and harden

Execute with verification loops tied to token lifetime and refresh. Prefer small steps, measurable checks, and rollback points where risk is high.

Stage 4: Operate, communicate, and iterate

Close the loop with logging, lockout, and abuse: monitoring, documentation, stakeholder updates, and lessons learned for the next cycle.

Checklist Before Completion

  • Goals and constraints are explicit for Authentication Skill
  • Risks and trade-offs are stated, not hand-waved
  • Verification steps match the change’s impact (tests, canary, peer review)
  • Operational follow-through is covered (monitoring, docs, owners)

Tips for Effective Guidance

  • Be procedural: stage-by-stage, with clear exit criteria
  • Ask for missing context (environment, scale, deadlines) before prescribing
  • Prefer checklists and concrete examples over generic platitudes
  • If the user declines the workflow, switch to freeform help without lecturing

Handling Deviations

  • If the user wants to skip a stage: confirm and continue with what they need.
  • If context is missing: ask targeted questions before strong recommendations.
  • Prefer concrete examples, trade-offs, and verification steps over generic advice.

Quality Bar

  • Each recommendation should be actionable (what to do next).
  • Call out failure modes relevant to Authentication (security, scale, UX, or ops).
  • Keep tone direct and respectful of the user’s time.
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务