Openclaw Skill Ansible — Openclaw工具

Name: Openclaw Skill Ansible — Openclaw工具
Author: likesjx

likesjx

Openclaw Skill Ansible — Openclaw工具

v0.1.6

[AI辅助] Operate and secure mesh workflows across gateways, including plugin bootstrap, invite/join auth handshake, resilient routing, capability contract lifecycle,...

0· 447·0 当前·0 累计

by @likesjx·MIT-0

工作流自动化安全系统工具开发工具

下载技能包

License

MIT-0

最后更新

2026/4/12

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

可疑

medium confidence

The skill's files and runtime instructions broadly match its MeshOps purpose, but there are inconsistencies and several powerful, potentially risky operations (deploying archives, running commands, automatic capability registration/auto-claiming) gated by environment variables — the gating and registry metadata are inconsistent and need review before install.

评估建议

This skill is purpose-aligned for a MeshOps control plane, but review these before installing: - Resolve the manifest mismatch: the registry summary says "no required env vars/bins" but metadata.yaml inside the package lists several gates and binaries. Confirm the marketplace metadata matches the packaged metadata. - Treat the gating env vars (OPENCLAW_ALLOW_HIGH_RISK, OPENCLAW_ALLOW_RUN_CMD, OPENCLAW_ALLOW_DEPLOY_SKILL) as safety interlocks — ensure they default to disabled (0) and are only en...

详细分析 ▾

ℹ 用途与能力

The name/description (MeshOps control-plane) aligns with the included docs, SKILL.md, and scripts: they implement ring-of-trust, CRDT sync, capability routing, and lifecycle ops. The presence of scripts to install plugins, deploy skills, run commands, and collect logs is coherent with an operator/mesh-control skill. However, the skill manifest shown earlier (registry summary) reported no required env vars/binaries while metadata.yaml inside the package lists several required env vars and binaries (OPENCLAW_* gates, openclaw, jq, curl, tar, sha tools, git). This mismatch is an incoherence to resolve.

⚠ 指令范围

SKILL.md instructs agents to perform broad dispatcher behaviors (auto-register capabilities on load, auto-claim tasks at each reasoning step, write routing metadata into shared Yjs state). Those instructions give loaded agents autonomous authority to discover and claim work across a mesh. The runtime action scripts also read environment gates, write to filesystem locations (/opt/openclaw/skills, /var/lib/openclaw/artifacts), download artifacts from arbitrary HTTPS URLs (deploy-skill), and run CLI tooling. While many of these actions are gated, the SKILL.md's automatic/implicit side-effects (capability registration on load, automated claiming) expand the agent's scope significantly and deserve operator review.

✓ 安装机制

There is no package-install spec embedded (instruction-only at registry level) and code files are shipped in the skill bundle. The scripts themselves call external network via openclaw plugins install and curl (for deploy-skill) — but those are invoked at runtime and are gated. No opaque downloads from personal IPs or shorteners; deploy-skill requires HTTPS and SHA256 verification. This is acceptable but still risky in practice because extracting remote archives into /opt is high-impact.

⚠ 凭证需求

Declared envs in metadata.yaml (OPENCLAW_ALLOWED_CALLERS, OPENCLAW_ALLOW_HIGH_RISK, OPENCLAW_ALLOW_RUN_CMD, OPENCLAW_ALLOW_DEPLOY_SKILL, OPENCLAW_RUN_CMD_ALLOWLIST, OPENCLAW_ARTIFACT_ROOT) map to the skill's gating design and are not secret credentials, which is proportionate. But the registry summary reported no required envs (contradiction). Also, required envs control powerful actions: if gates are enabled (OPENCLAW_ALLOW_RUN_CMD=1, OPENCLAW_ALLOW_DEPLOY_SKILL=1, OPENCLAW_ALLOW_HIGH_RISK=1) and caller allowlist permits a caller, the skill can download and extract archives and run commands (even though run-cmd has an allowlist, deploy-skill downloads arbitrary artifact URLs). This makes correct gate configuration critical.

ℹ 持久化与权限

always:false and disable-model-invocation:false (normal). The skill's documented behavior includes side-effects on agent startup (capability registration) and automatic claiming at each reasoning step; those are functional choices but increase the blast radius because agents with the skill become eligible executors and can be auto-invoked. Combined with the deploy-skill/run-cmd scripts, this raises risk if gating env-vars or allowlists are misconfigured. The skill does not request system-wide config modification beyond installing skills or writing to /opt when operator-invoked.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv0.1.62026/3/4

- Documentation formatting updated in SKILL.md for improved readability and structure. - No changes to core logic or skill functionality in this release.

● 可疑

安装命令点击复制

官方npx clawhub@latest install openclaw-skill-ansible

镜像加速npx clawhub@latest install openclaw-skill-ansible --registry https://cn.clawhub-mirror.com

技能文档

什么

Ansible is a distributed coordination layer that lets you operate across multiple OpenClaw gateways as one coordinated mesh.

Four pillars:

Ring 的 Trust: invite/join handshake, auth-gate WebSocket tickets, ed25519-signed capability manifests, per-action safety gates, 和令牌 lifecycle.
Mesh 同步: Yjs CRDT replication 在...上 Tailscale. Messages, tasks, context, 和 pulse remain durable 穿过 reconnects 和 restarts.
Capability Routing: 发布/unpublish capability contracts. 每个 contract references delegation skill (requester) 和 execution skill (executor).
Lifecycle Ops: lock sweep, retention/pruning, coordinator sweep, 和 deployment hygiene.

Relationship Modes

Friends/Employees (默认): 其他 nodes 不同 agents. Provide context 和 communicate explicitly.
Hemispheres (advanced): mirrored instances 的相同 identity. Shared intent 和 direct communication.

Default to Friends/Employees unless explicitly told a node is a hemisphere.

节点 Topology

Backbone: always-在...上 nodes (VPS/servers) host Yjs WebSocket.
Edge: intermittent nodes (laptops/desktops) connect 到 backbone.

Human Visibility Contract (必填在...上 Pickup)

When taking coordination work, maintain explicit lifecycle updates:

ACK: confirm receipt 和 summarize intent.
IN_PROGRESS: emit progress updates 在 meaningful checkpoints.
已完成或 BLOCKED: 关闭带有 evidence, 下一个 action, 和 owner.

Use conversation_id consistently for all related updates.

Ring 的 Trust - Behavioral Rules

Unknown nodes require invite-based admission. 做不 bypass.
High-risk capability publishes require human approval artifacts.
Respect caller gates (OPENCLAW_ALLOWED_CALLERS) 和 high-risk flags.
Never expose tokens 在...中 plaintext messages/logs/shared state.
当...时 signature enforcement 在...上, 仅 accept manifests signed 由 trusted publisher keys.

Gateway Compatibility Contract

验证插件 installed 和 readable 之前 assuming tool availability.
验证 tier assumptions (backbone vs edge) 之前 mutating coordination settings.
Treat gateway runtime 作为 source 的 truth 对于活跃 topology 和 health.

Reliability 模型

Source 的 Truth

Shared Yjs state is authoritative.

Delivery Semantics

Durable: messages/tasks persist 在...中 shared state.
Auto-dispatch: best-effort realtime injection 进入 sessions.
Heartbeat reconcile: periodic rescan recovers missed injections.
重试: transient dispatch failures 重试带有 bounded backoff.
发送 receipts: notify configured operators 当...时 work placed 在...上 mesh.

Operating Rules

验证待处理 work 带有 ansible_status 和 ansible_read_messages.
如果 polling mode used, always 回复通过 ansible_send_message.
使用 corr: 对于 thread continuity.
监听器 behavior optimization; sweep/reconcile backstop.

Capability Contracts

capability contract, 不只是 label.
Contract includes delegation 和 execution skill references.
Publishing updates routing eligibility mesh-wide.
Provenance verified against trusted publisher keys 当...时 configured.
High-risk contracts require explicit approval artifacts.
Unpublish removes eligibility immediately.
Lifecycle evidence 必须 capture install/wire outcomes.

Delegation Protocol

Requester creates task 带有 objective, context, acceptance criteria, 和 target policy (to_agents 或 capability).
Executor claims task 和 sends acceptance/ETA signal.
Executor performs work, emits progress, 和 completes 带有 structured 结果.
Requester reports final outcome 到 human 和/或 downstream agents.

Coordinator Behavior

Run sweep loops 对于 stale locks, SLA drift, 和 backlog reconciliation.
Prefer 记录-仅 escalation 由默认当...时 blast radius unclear.
如果 DEGRADED, prioritize containment, visibility, 和 deterministic recovery.

可用 Tools

Communication

Tool	Purpose
`ansible_send_message`	Send targeted or broadcast message across mesh
`ansible_read_messages`	Read unread messages (or full history)
`ansible_mark_read`	Mark messages as read
`ansible_delete_messages`	Admin-only emergency purge

Task Delegation

Tool	Purpose
`ansible_delegate_task`	Create task for another node/agent set
`ansible_claim_task`	Claim pending task
`ansible_update_task`	Update task status/progress
`ansible_complete_task`	Complete task and notify requester
`ansible_find_task`	Resolve task by ID/title

Context 和 Status

Tool	Purpose
`ansible_status`	Mesh health, unread, pending, and topology summary
`ansible_update_context`	Update shared context/threads/decisions

Coordination 和 Governance

Tool	Purpose
`ansible_get_coordination`	Read coordinator configuration
`ansible_set_coordination_preference`	Set node coordinator preference
`ansible_set_coordination`	Switch coordinator (guarded)
`ansible_set_retention`	Configure closed-task retention/pruning
`ansible_get_delegation_policy`	Read delegation policy plus ACKs
`ansible_set_delegation_policy`	Publish/update delegation policy
`ansible_ack_delegation_policy`	Acknowledge policy version
`ansible_lock_sweep_status`	Inspect lock sweep health

Capability Lifecycle

Tool	Purpose
`ansible_list_capabilities`	List published capability contracts
`ansible_capability_publish`	Publish/upgrade capability contract
`ansible_capability_unpublish`	Remove capability from routing
`ansible_capability_lifecycle_evidence`	Show install/wire evidence for version
`ansible_capability_health_summary`	Show success/error/latency summary

当...时到使用 Ansible

Use Ansible when work crosses gateways, needs durable coordination, or requires auditable delegation contracts.

会话 Behavior

开始由 checking status 和待处理 work.
Prefer explicit delegation 对于 capability-matched work.
Keep humans 在...中循环通过 lifecycle messages.

消息 Protocol v1

Always include enough context 对于 independent execution.
使用 stable correlation IDs (corr) 和 conversation IDs.
Prefer structured payloads 在...上 freeform-仅 messaging.

Setup Playbooks

Follow plugin setup and gateway runbooks for topology bootstrap, auth-gate, and trust settings.

Delegation Management

Keep delegation policy current 和 acknowledged 穿过 nodes.
Treat capability publishes 作为 contract releases.
Roll back quickly 当...时 lifecycle evidence indicates drift 或 misfire.

What This Is

Ansible is a distributed coordination layer that lets you operate across multiple OpenClaw gateways as one coordinated mesh.

Four pillars:

Ring of Trust: invite/join handshake, auth-gate WebSocket tickets, ed25519-signed capability manifests, per-action safety gates, and token lifecycle.
Mesh Sync: Yjs CRDT replication over Tailscale. Messages, tasks, context, and pulse remain durable across reconnects and restarts.
Capability Routing: publish/unpublish capability contracts. Each contract references a delegation skill (requester) and an execution skill (executor).
Lifecycle Ops: lock sweep, retention/pruning, coordinator sweep, and deployment hygiene.

Relationship Modes

Friends/Employees (default): other nodes are different agents. Provide context and communicate explicitly.
Hemispheres (advanced): mirrored instances of the same identity. Shared intent and direct communication.

Default to Friends/Employees unless explicitly told a node is a hemisphere.

Node Topology

Backbone: always-on nodes (VPS/servers) that host Yjs WebSocket.
Edge: intermittent nodes (laptops/desktops) that connect to backbone.

Human Visibility Contract (Required on Pickup)

When taking coordination work, maintain explicit lifecycle updates:

ACK: confirm receipt and summarize intent.
IN_PROGRESS: emit progress updates at meaningful checkpoints.
DONE or BLOCKED: close with evidence, next action, and owner.

Use conversation_id consistently for all related updates.

Ring of Trust - Behavioral Rules

Unknown nodes require invite-based admission. Do not bypass.
High-risk capability publishes require human approval artifacts.
Respect caller gates (OPENCLAW_ALLOWED_CALLERS) and high-risk flags.
Never expose tokens in plaintext messages/logs/shared state.
When signature enforcement is on, only accept manifests signed by trusted publisher keys.

Gateway Compatibility Contract

Validate plugin is installed and readable before assuming tool availability.
Verify tier assumptions (backbone vs edge) before mutating coordination settings.
Treat gateway runtime as source of truth for active topology and health.

Reliability Model

Source of Truth

Shared Yjs state is authoritative.

Delivery Semantics

Durable: messages/tasks persist in shared state.
Auto-dispatch: best-effort realtime injection into sessions.
Heartbeat reconcile: periodic rescan recovers missed injections.
Retry: transient dispatch failures retry with bounded backoff.
Send receipts: notify configured operators when work is placed on mesh.

Operating Rules

Verify pending work with ansible_status and ansible_read_messages.
If polling mode is used, always reply via ansible_send_message.
Use corr: for thread continuity.
Listener behavior is optimization; sweep/reconcile is the backstop.

Capability Contracts

A capability is a contract, not just a label.
Contract includes delegation and execution skill references.
Publishing updates routing eligibility mesh-wide.
Provenance is verified against trusted publisher keys when configured.
High-risk contracts require explicit approval artifacts.
Unpublish removes eligibility immediately.
Lifecycle evidence must capture install/wire outcomes.

Delegation Protocol

Requester creates task with objective, context, acceptance criteria, and target policy (to_agents or capability).
Executor claims task and sends acceptance/ETA signal.
Executor performs work, emits progress, and completes with structured result.
Requester reports final outcome to human and/or downstream agents.

Coordinator Behavior

Run sweep loops for stale locks, SLA drift, and backlog reconciliation.
Prefer record-only escalation by default when blast radius is unclear.
If DEGRADED, prioritize containment, visibility, and deterministic recovery.

Available Tools

Communication

Tool	Purpose
`ansible_send_message`	Send targeted or broadcast message across mesh
`ansible_read_messages`	Read unread messages (or full history)
`ansible_mark_read`	Mark messages as read
`ansible_delete_messages`	Admin-only emergency purge

Task Delegation

Tool	Purpose
`ansible_delegate_task`	Create task for another node/agent set
`ansible_claim_task`	Claim pending task
`ansible_update_task`	Update task status/progress
`ansible_complete_task`	Complete task and notify requester
`ansible_find_task`	Resolve task by ID/title

Context and Status

Tool	Purpose
`ansible_status`	Mesh health, unread, pending, and topology summary
`ansible_update_context`	Update shared context/threads/decisions

Coordination and Governance

Tool	Purpose
`ansible_get_coordination`	Read coordinator configuration
`ansible_set_coordination_preference`	Set node coordinator preference
`ansible_set_coordination`	Switch coordinator (guarded)
`ansible_set_retention`	Configure closed-task retention/pruning
`ansible_get_delegation_policy`	Read delegation policy plus ACKs
`ansible_set_delegation_policy`	Publish/update delegation policy
`ansible_ack_delegation_policy`	Acknowledge policy version
`ansible_lock_sweep_status`	Inspect lock sweep health

Capability Lifecycle

Tool	Purpose
`ansible_list_capabilities`	List published capability contracts
`ansible_capability_publish`	Publish/upgrade capability contract
`ansible_capability_unpublish`	Remove capability from routing
`ansible_capability_lifecycle_evidence`	Show install/wire evidence for version
`ansible_capability_health_summary`	Show success/error/latency summary

When to Use Ansible

Use Ansible when work crosses gateways, needs durable coordination, or requires auditable delegation contracts.

Session Behavior

Start by checking status and pending work.
Prefer explicit delegation for capability-matched work.
Keep humans in loop via lifecycle messages.

Message Protocol v1

Always include enough context for independent execution.
Use stable correlation IDs (corr) and conversation IDs.
Prefer structured payloads over freeform-only messaging.

Setup Playbooks

Follow plugin setup and gateway runbooks for topology bootstrap, auth-gate, and trust settings.

Delegation Management

Keep delegation policy current and acknowledged across nodes.
Treat capability publishes as contract releases.
Roll back quickly when lifecycle evidence indicates drift or misfire.

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

什么

Relationship Modes

节点 Topology

Human Visibility Contract (必填 在...上 Pickup)

Ring 的 Trust - Behavioral Rules

Gateway Compatibility Contract

Reliability 模型

Source 的 Truth

Delivery Semantics

Operating Rules

Capability Contracts

Delegation Protocol

Coordinator Behavior

可用 Tools

Communication

Task Delegation

Context 和 Status

Coordination 和 Governance

Capability Lifecycle

当...时 到 使用 Ansible

会话 Behavior

消息 Protocol v1

Setup Playbooks

Delegation Management

What This Is

Relationship Modes

Node Topology

Human Visibility Contract (Required on Pickup)

Ring of Trust - Behavioral Rules

Gateway Compatibility Contract

Reliability Model

Source of Truth

Delivery Semantics

Operating Rules

Capability Contracts

Delegation Protocol

Coordinator Behavior

Available Tools

Communication

Task Delegation

Context and Status

Coordination and Governance

Capability Lifecycle

When to Use Ansible

Session Behavior

Message Protocol v1

Setup Playbooks

Delegation Management

安装命令点击复制

Human Visibility Contract (必填在...上 Pickup)

当...时到使用 Ansible