Security scan
OpenClaw
Suspicious
Medium confidence. The skill's purpose (installing and authenticating OB1) matches its instructions, but the runtime instructions include a curl|bash remote installer and guidance to transmit device-auth codes via chat — both are common for CLI installers but carry nontrivial risks that users should understand before proceeding.
Assessment recommendations
This skill appears to do what it says, but proceed with caution: 1) The installer command pipes a remote script to bash — inspect the script before running (download it first and review its contents or verify a checksum) or ask the vendor for a package you can audit. 2) Run the installer in a controlled environment (non-root user, container, or VM) if you want to limit risk. 3) The device-code auth will save tokens under ~/.ob1; keep that directory secure and avoid sharing tokens. 4) When the sk...
✓ Purpose and capability
Name/description (install and authenticate OB1) align with the instructions. The SKILL.md only covers download, install, device-code auth flow, and verification; there are no unrelated env vars, binaries, or config paths requested.
ℹ Instruction scope
Instructions are scoped to installation and device-code authentication. They instruct the agent/operator to run the installer, keep the process alive for the device-code flow, and deliver the code to the user via chat — which is expected for this flow, but the guidance to transmit auth codes over chat is a potentially sensitive step and must only be done to the legitimate human user.
⚠ Install mechanism
The SKILL.md tells the agent to run `curl -fsSL https://dashboard.openblocklabs.com/install | bash`. Piping a remote script directly to a shell executes arbitrary code from the network and is higher risk than an install from a vetted package repository. While the domain matches the product name, the installer content is not shown for review and the instruction will write binaries and tokens under ~/.ob1 and ~/.local/bin.
ℹ Credential requirements
No environment variables or external credentials are requested by the skill, which is proportionate. The installer and auth flow will store auth tokens and settings under ~/.ob1 (settings.json and saved tokens) — these are sensitive and should be protected. The skill does not request unrelated credentials.
✓ Persistence and privileges
The skill is instruction-only, not always-enabled, and does not request elevated platform privileges. It instructs installation of user-local files (~/.ob1, ~/.local/bin) which is normal for a CLI tool and does not modify other skills or system-wide agent configs.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/13
Initial release of ob1-install: installs and authenticates OB1 (OpenBlock One) on macOS/Linux.
- Provides installation command and post-install verification step.
- Explains device code authentication flow, including headless/server usage.
- Notes OB1 default settings and config file location.
- Documents non-interactive command usage for automation.
● Suspicious
Install command
Official: npx clawhub@latest install ob1-install
Mirror: npx clawhub@latest install ob1-install --registry https://cn.clawhub-mirror.com
Skill documentation
Install
curl -fsSL https://dashboard.openblocklabs.com/install | bash
Installs to ~/.ob1/bin/ob1, symlinks to ~/.local/bin/ob1.
Verify: ob1 --version
Authentication
OB1 uses device code flow. Run ob1 and it will display:
To sign in: https://auth.openblocklabs.com/device
Enter code: XXXX-XXXX
Headless/server workflow:
- Start ob1 with a PTY: the auth URL and code appear in the terminal
- Send the code to the user (via chat) — they open the URL in a browser
- The user signs in and approves
- OB1 shows "Authentication Successful!" and asks to confirm organization
- Press Enter to confirm — auth token saved to ~/.ob1/
Important: Each ob1 process generates a unique code. If the process dies, a new code is needed. Keep the process alive until the user confirms.
After first auth, all subsequent runs skip login.
Post-Install
- Default model: Claude Opus 4.6
- Default mode: Safe YOLO
- Config: ~/.ob1/settings.json
- Non-interactive: ob1 -p "task" -y -o text
Data source: ClawHub · Chinese localization: 龙虾技能库