Elasticsearch Openclaw — Elasticsearch OpenClaw — AI 编排搜索与分析参考

Name: Elasticsearch Openclaw — Elasticsearch OpenClaw — AI 编排搜索与分析参考
Author: Alex Salgado

Alex Salgado

Elasticsearch Openclaw — Elasticsearch OpenClaw — AI 编排搜索与分析参考

v1.1.1

提供 Elasticsearch 9.x 的只读参考，用于 AI 编排的搜索和分析，涵盖语义搜索、向量搜索、混合搜索和经典搜索模式。

0· 476·1 当前·1 累计

by @salgado (Alex Salgado)·MIT-0

API工具网络工具安全自动化 AI模型访问

下载技能包

License

MIT-0

最后更新

2026/2/26

安全扫描

VirusTotal

无害

查看报告

OpenClaw

可疑

high confidence

本技能以只读 Elasticsearch 参考形式呈现，但其指令和参考文件包含特权写操作（创建 API 密钥、索引、推理端点、摄取管道）和不一致的元数据关于所需秘密 — 请谨慎操作。

评估建议

本技能主要包含文档，安装风险较低，但在提供凭据前应了解重要矛盾。文件包括创建 API 密钥、索引、推理端点、摄取管道和索引文档的示例 — 所有这些都是需要超出只读权限的写操作。如果您只想要读/查询能力：(1) 不提供集群管理员凭据 — 创建并提供针对特定索引的专用只读 API 密钥，具有类似 ["read","view_index_metadata"] 的权限；(2) 避免提供可以创建 API 密钥或修改索引的密钥；(3) 审查参考文件并删除或忽略执行写操作的 PUT/POST 示例；(4) 注意技能的元数据不一致（文档中提到的环境变量未在注册表中）并在需要信任此技能进行自动化使用时优先使用作者的明确通信。如果计划让代理自主运行，要求最小权限凭据并考虑在信任行为之前禁用自主调用或审计操作。...

详细分析 ▾

⚠ 用途与能力

The skill's name and description claim a read-only reference for Elasticsearch 9.x, which justifies needing ELASTICSEARCH_URL and a read-only API key. However, parts of the content (examples and reference files) show write/create operations (POST /_security/api_key, PUT my-index, PUT _inference, PUT _ingest/pipeline, POST my-index/_doc). Creating API keys or inference endpoints requires elevated privileges that are not consistent with a pure read-only documentation skill. Also the top-level registry metadata listed no required env vars while SKILL.md metadata declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY — an internal inconsistency.

⚠ 指令范围

SKILL.md and the reference files explicitly include commands that mutate cluster state: creating API keys (POST /_security/api_key), index mappings (PUT my-index), creating inference endpoints (PUT _inference), ingest pipelines (PUT _ingest/pipeline), and indexing documents (POST my-index/_doc). These go beyond read-only search/aggregation examples and could lead an agent to perform privileged operations if given sufficient credentials. The docs also reference additional secrets (JINA_API_KEY) in examples that aren't declared in the skill metadata.

✓ 安装机制

This is an instruction-only skill with no install spec or code to write to disk, and requires no package downloads. That minimizes installation risk.

ℹ 凭证需求

SKILL.md declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY (base64) which are expected for an ES integration. However: (1) the registry summary initially showed no required env vars (metadata mismatch); (2) the Python reference and env examples mention JINA_API_KEY (an additional external API key) but it's not declared in SKILL.md metadata as required — this is inconsistent and could lead to unexpected requests for secrets; (3) creating API keys (included as an example) requires privileges beyond a typical read-only API key, so granting cluster-level credentials to follow sample steps would be disproportionate.

ℹ 持久化与权限

The skill does not request 'always: true' or any special persistent installation. It instructs users to store the encoded API key in ~/.openclaw/workspace-[name]/.env, which is a normal workspace pattern. Still, because the docs include API-key creation steps, giving the skill credentials that allow API-key creation or index writes would expand its effective privileges — be careful to only provide a least-privilege read-only API key if you intend only read operations. Autonomous invocation is permitted by default (disable-model-invocation: false) but that alone is not flagged; combined with the write instructions it increases the blast radius if over-privileged credentials are provided.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

🖥️ OSLinux · macOS · Windows

版本

latestv1.1.12026/2/25

安全改进：移除 curl 依赖，阐明只读性，添加安全注意事项

● 无害

安装命令点击复制

官方npx clawhub@latest install elasticsearch-openclaw

镜像加速npx clawhub@latest install elasticsearch-openclaw --registry https://cn.clawhub-mirror.com

技能文档

现代 Elasticsearch 9.x 模式用于 AI 编排应用。

🔒 安全模型：按设计只读

本技能提供 仅读操作的文档：搜索、聚合和分析。无写操作（索引、更新、删除）被包含或由代理执行。 注意： 本技能需要外部凭据（Elasticsearch API 密钥）才能工作。ClawHub 安全扫描器可能将其标记为“可疑” — 这对于集成外部服务的技能是预期的。所有代码是透明的 Markdown 文档。授予凭据前请审查。

快速开始 — 本地开发

对于本地 Elasticsearch 9.x 设置与 Kibana，使用官方 start-local 工具：

存储库：https://github.com/elastic/start-local
文档：https://www.elastic.co/start-local

一旦运行：

Elasticsearch：http://localhost:9200
Kibana：http://localhost:5601
凭据：elastic-start-local/.env

认证 — 始终使用 API 密钥

# 测试连接
 curl -s "$ELASTICSEARCH_URL" -H "Authorization: ApiKey $ELASTICSEARCH_API_KEY"
# Python 客户端 9.x
from elasticsearch import Elasticsearch
es = Elasticsearch(ES_URL, api_key=API_KEY)

参考文件

仅在需要时加载 — 不要一次加载所有：

文件	加载时...
`references/semantic-search.md`	设置 JINA、`semantic_text`、推理端点
`references/vector-search.md`	kNN 查询、`dense_vector` 映射、混合搜索与 RRF
`references/classic-patterns.md`	映射设计、布尔查询、聚合、分页
`references/python-client-9.md`	Python `elasticsearch` 9.x — 无 `body=`，关键字参数，类型提示

何时使用每个模式

用户询问意义 / 意图 / “找到类似 X 的产品” → semantic_text + 语义查询 → references/semantic-search.md 用户需要精确匹配 + 结合语义 → 混合搜索 (RRF) → references/vector-search.md 用户询问映射、字段类型、分析器、聚合 → 经典模式 → references/classic-patterns.md 用户使用 Python elasticsearch 库 → 始终检查 → references/python-client-9.md

安全最佳实践

始终使用 API 密钥而非用户名/密码
将 API 密钥范围限定为特定索引和最小权限
对于只读 OpenClaw 访问：privileges: ["read", "view_index_metadata"]
将凭据存储在 .env 中，永远不要在脚本中硬编码
.env 始终在 .gitignore 中

POST /_security/api_key {
  "name": "openclaw-readonly",
  "role_descriptors": {
    "reader": {
      "indices": [{
        "names": ["my-index"],
        "privileges": ["read"]
      }]
    }
  }
}
// 响应：{
  "id": "VuaCfGcBCdbkQm-e5aOx",
  "name": "openclaw-readonly",
  "api_key": "ui2lp2axTNmsyakw9tvNnw",
  "encoded": "VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw=="
}

⚠️ 立即保存响应中的 encoded 字段 — 之后无法检索。将其添加到 ~/.openclaw/workspace-[name]/.env 中作为 ELASTICSEARCH_API_KEY

Modern Elasticsearch 9.x patterns for AI-orchestrated applications.

🔒 Security Model: Read-Only by Design

This skill provides documentation for read-only operations only: search, aggregations, and analytics. No write operations (indexing, updates, deletions) are included or executed by the agent.

Note: This skill requires external credentials (Elasticsearch API key) to function. ClawHub security scanners may flag this as "suspicious" — this is expected for skills that integrate with external services. All code is transparent markdown documentation. Review before granting credentials.

Quick Start — Local Dev

For local Elasticsearch 9.x setup with Kibana, use the official start-local tool:

Repository: https://github.com/elastic/start-local
Documentation: https://www.elastic.co/start-local

Once running:

Elasticsearch: http://localhost:9200
Kibana: http://localhost:5601
Credentials: elastic-start-local/.env

Auth — Always Use API Keys

# Test connection
curl -s "$ELASTICSEARCH_URL" -H "Authorization: ApiKey $ELASTICSEARCH_API_KEY"# Python client 9.x
from elasticsearch import Elasticsearch
es = Elasticsearch(ES_URL, api_key=API_KEY)

Reference Files

Load these only when needed — do not load all at once:

File	Load when...
`references/semantic-search.md`	Setting up JINA, `semantic_text`, inference endpoint
`references/vector-search.md`	kNN queries, `dense_vector` mapping, hybrid search with RRF
`references/classic-patterns.md`	Mapping design, boolean queries, aggregations, pagination
`references/python-client-9.md`	Python `elasticsearch` 9.x — no `body=`, keyword args, type hints

When to Use Each Pattern

User asks about meaning / intent / "find products like X" → semantic_text + semantic query → references/semantic-search.md User needs exact match + semantic combined → hybrid search (RRF) → references/vector-search.md User asks about mapping, field types, analyzers, aggregations → classic patterns → references/classic-patterns.md

User uses Python elasticsearch library → always check → references/python-client-9.md

Security Best Practices

Always use API keys over username/password
Scope API keys to specific indices and minimal privileges
For read-only OpenClaw access: privileges: ["read", "view_index_metadata"]
Store credentials in .env, never hardcode in scripts
.env always in .gitignore

POST /_security/api_key
{
  "name": "openclaw-readonly",
  "role_descriptors": {
    "reader": {
      "indices": [{ "names": ["my-index"], "privileges": ["read"] }]
    }
  }
}// Response:
{
  "id": "VuaCfGcBCdbkQm-e5aOx",
  "name": "openclaw-readonly",
  "api_key": "ui2lp2axTNmsyakw9tvNnw",
  "encoded": "VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw=="
}

⚠️ Save the encoded field from the response immediately — it cannot be retrieved later. Add to: ~/.openclaw/workspace-[name]/.env as ELASTICSEARCH_API_KEY

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

🔒 安全模型：按设计只读

快速开始 — 本地开发

认证 — 始终使用 API 密钥

参考文件

何时使用每个模式

安全最佳实践

🔒 Security Model: Read-Only by Design

Quick Start — Local Dev

Auth — Always Use API Keys

Reference Files

When to Use Each Pattern

Security Best Practices

安装命令点击复制