Security scan
OpenClaw
Safe
High confidence: The plugin's code, README, and runtime instructions consistently implement an OpenClaw hook that delegates exec calls to a local `rtk rewrite` binary; nothing requested or installed by the plugin itself is disproportionate to that purpose.
Assessment recommendations
This plugin appears to do exactly what it claims: intercept exec calls and call your local `rtk rewrite`. Before installing, verify and trust the `rtk` binary you will delegate to (review its source or install method). Avoid enabling audit logging if your commands may contain secrets (or ensure auditDir is a secure local path). Prefer installing RTK from a trusted package manager over piping a remote install script to sh. Test the plugin in a safe environment (verbose mode, with rewriting enable...
✓ Purpose and capabilities
Name/description say it will intercept exec calls and delegate to `rtk rewrite`. The TypeScript hook registers a before_tool_call for toolName === 'exec' and calls `rtk rewrite <cmd>`; config flags match the declared behavior. No unrelated credentials, binaries, or paths are requested by the plugin.
ℹ Instruction scope
SKILL.md and index.ts stay within the claimed scope (intercept exec, call rtk, optionally write audit logs). Notable: the plugin logs original commands to an audit file when audit is enabled, which may record sensitive arguments or secrets. The plugin also replaces and returns the rewritten command for execution — the security of that behavior depends on trusting the `rtk` binary.
ℹ Installation mechanism
The skill is instruction-only (no install spec) and requires manual copying into the extensions directory. The README suggests installing `rtk` via Homebrew or a curl | sh installer from a GitHub raw URL; fetching and running remote install scripts is a separate risk (not part of this plugin) that users should evaluate before running.
ℹ Credential requirements
The plugin itself requires no credentials or special env vars. It reads RTK_AUDIT_DIR and HOME for audit log placement, which is reasonable. However, enabling auditing will persist original commands to disk (possible sensitive data), and the plugin delegates functionality to the external `rtk` tool which may require its own credentials or network access — review `rtk`'s own requirements before trusting it.
✓ Persistence and permissions
The plugin is not always-enabled by default and does not request global privileges. Installation requires copying files into the user's OpenClaw extensions directory and enabling the plugin in config, which is normal for plugins and limited in scope.
⚠ index.ts:16
Shell command execution detected (child_process).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v0.15.3 (2026/3/11)
Add the repository field and publish 0.15.3
● Suspicious
Install command
Official: npx clawhub@latest install rtk-rewrite
Mirror (accelerated): npx clawhub@latest install rtk-rewrite --registry https://cn.clawhub-mirror.com
Data source: ClawHub · Chinese localization: 龙虾技能库