Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub Β· AI
Safe Exec 0.3.2
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agents need to execute shell commands that may be dangerous (rm -rf, dd, fork bombs, system directory modifications) or require human oversight. Provides multi-level risk assessment (CRITICAL/HIGH/MEDIUM/LOW), in-session notifications, pending request management, and non-interactive environment support for agent automation.
skill openclawclawhub Free
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agents need to execute shell commands that may be dangerous (rm -rf, dd, fork bombs, system directory modifications) or require human oversight. Provides multi-level risk assessment (CRITICAL/HIGH/MEDIUM/LOW), in-session notifications, pending request management, and non-interactive environment support for agent automation.
β¬ 0 downloads β
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- CHANGELOG.md, IMPACT_ASSESSMENT.md, PROJECT_STRUCTURE.md, README-detail.md, README.md, README_EN.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.0
Provenance
- Publisher
- Lucky-2968
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
SafeExec - Safe Command Execution
Provides secure command execution capabilities for OpenClaw Agents with automatic interception of dangerous operations and approval workflow.
Features
π Automatic danger pattern detection - Identifies risky commands before execution π¨ Risk-based interception - Multi-level assessment (CRITICAL/HIGH/MEDIUM/LOW) π¬ In-session notifications - Real-time alerts in your current terminal/session β User approval workflow - Commands wait for explicit confirmation π Complete audit logging - Full traceability of all operations π€ Agent-friendly - Non-interactive mode support for automated workflows π§ Platform-agnostic - Works independently of communication tools (Feishu, Telegram, etc.)
Installation (One Command)
The easiest way to install SafeExec: Just say in your OpenClaw chat: Help me install SafeExec skill from ClawdHub OpenClaw will automatically download, install, and configure SafeExec for you!
Alternative: Manual Installation
If you prefer manual installation: # Using ClawdHub CLI export CLAWDHUB_REGISTRY=https://www.clawhub.ai clawdhub install safe-exec # Or download directly from GitHub git clone https://github.com/OTTTTTO/safe-exec.git ~/.openclaw/skills/safe-exec chmod +x ~/.openclaw/skills/safe-exec/safe-exec*.sh
Enable SafeExec
After installation, simply say: Enable SafeExec SafeExec will start monitoring all shell commands automatically!
How It Works
Once enabled, SafeExec automatically monitors all shell command executions. When a potentially dangerous command is detected, it intercepts the execution and requests your approval through in-session terminal notifications. Architecture: Requests stored in: ~/.openclaw/safe-exec/pending/ Audit log: ~/.openclaw/safe-exec-audit.log Rules config: ~/.openclaw/safe-exec-rules.json
Usage
Enable SafeExec: Enable SafeExec Turn on SafeExec Start SafeExec Once enabled, SafeExec runs transparently in the background. Agents can execute commands normally, and SafeExec will automatically intercept dangerous operations: Delete all files in /tmp/test Format the USB drive SafeExec detects the risk level and displays an in-session prompt for approval.
Risk Levels
CRITICAL: System-destructive commands (rm -rf /, dd, mkfs, etc.) HIGH: User data deletion or significant system changes MEDIUM: Service operations or configuration changes LOW: Read operations and safe file manipulations
Approval Workflow
Agent executes a command SafeExec analyzes the risk level In-session notification displayed in your terminal Approve or reject via: Terminal: safe-exec-approve <request_id> List pending: safe-exec-list Reject: safe-exec-reject <request_id> Command executes or is cancelled Example notification: π¨ **Dangerous Operation Detected - Command Intercepted** **Risk Level:** CRITICAL **Command:** `rm -rf /tmp/test` **Reason:** Recursive deletion with force flag **Request ID:** `req_1769938492_9730` βΉοΈ This command requires user approval to execute. **Approval Methods:** 1. In terminal: `safe-exec-approve req_1769938492_9730` 2. Or: `safe-exec-list` to view all pending requests **Rejection Method:** `safe-exec-reject req_1769938492_9730`
Configuration
Environment variables for customization: SAFE_EXEC_DISABLE - Set to '1' to globally disable safe-exec OPENCLAW_AGENT_CALL - Automatically enabled in agent mode (non-interactive) SAFE_EXEC_AUTO_CONFIRM - Auto-approve LOW/MEDIUM risk commands
Examples
Enable SafeExec: Enable SafeExec After enabling, agents work normally: Delete old log files from /var/log SafeExec automatically detects this is HIGH risk (deletion) and displays an in-session approval prompt. Safe operations pass through without interruption: List files in /home/user/documents This is LOW risk and executes without approval.
Global Control
Check status: safe-exec-list View audit log: cat ~/.openclaw/safe-exec-audit.log Disable SafeExec globally: Disable SafeExec Or set environment variable: export SAFE_EXEC_DISABLE=1
Reporting Issues
Found a bug? Have a feature request? Please report issues at: π https://github.com/OTTTTTO/safe-exec/issues We welcome community feedback, bug reports, and feature suggestions! When reporting issues, please include: SafeExec version (run: grep "VERSION" ~/.openclaw/skills/safe-exec/safe-exec.sh) OpenClaw version Steps to reproduce Expected vs actual behavior Relevant logs from ~/.openclaw/safe-exec-audit.log
Audit Log
All command executions are logged with: Timestamp Command executed Risk level Approval status Execution result Request ID for traceability Log location: ~/.openclaw/safe-exec-audit.log
Integration
SafeExec integrates seamlessly with OpenClaw agents. Once enabled, it works transparently without requiring changes to agent behavior or command structure. The approval workflow is entirely local and independent of any external communication platform.
Platform Independence
SafeExec operates at the session level, working with any communication channel your OpenClaw instance supports (webchat, Feishu, Telegram, Discord, etc.). The approval workflow happens through your terminal, ensuring you maintain control regardless of how you're interacting with your agent.
Support & Community
GitHub Repository: https://github.com/OTTTTTO/safe-exec Issue Tracker: https://github.com/OTTTTTO/safe-exec/issues Documentation: README.md ClawdHub: https://www.clawhub.ai/skills/safe-exec
License
MIT License - See LICENSE for details.
Category context
Agent frameworks, memory systems, reasoning layers, and model-native orchestration.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
6 Docs
- CHANGELOG.md
- IMPACT_ASSESSMENT.md
- PROJECT_STRUCTURE.md
- README_EN.md
- README-detail.md
- README.md