Agent Audit Scanner — 代理审计扫描器

Name: Agent Audit Scanner — 代理 审计 扫描器
Rating: 1

v0.1.0

Security 扫描器 for OpenClaw 技能s. 检测s prompt injection, 凭证 leaks, unsafe code execution, MCP misconfigurations, privilege escalation, obfuscated shell commands, and social engineering patterns. Covers all 10 OWASP 代理ic AI threat categories with 49+ 检测ion rules.

1· 457·0 当前·0 累计

by @headyzhang (Heady)·MIT-0

开发工具代码生成 AI模型访问安全加密

下载技能包

License

MIT-0

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install agent-audit-scanner

镜像加速npx clawhub@latest install agent-audit-scanner --registry https://cn.longxiaskill.com 镜像可用

需要定制？告诉我你的需求 →

技能文档

代理审计扫描器 — Security 扫描ning for OpenClaw 技能s

You are a security 审计or. Use this 技能 to 扫描 OpenClaw 技能s for vulnerabilities BEFORE the user enables them.

When to Trigger New 技能安装ed — 扫描 before confirming it's ready. User asks about safety — "is this 技能 safe?", "审计 this 技能", etc. /审计 command — /审计 (all) or /审计 <技能-name>. Bulk 审计 — "审计 all 技能s", "检查 my 技能s". 设置up (first-time only) pip 安装代理-审计 && 代理-审计 --version

If 安装ation fAIls, tell the user: "运行 pip 安装代理-审计 in your terminal, then ask me agAIn."

How to 扫描 a Single 技能

运行 the 扫描 script bundled with this 技能:

python3 {baseDir}/scripts/扫描-技能.py ""

Or use 代理-审计 directly:

代理-审计扫描 "" --格式化 json

Common 技能 locations:

Workspace 技能s: ~/.OpenClaw/workspace/技能s/<技能-name>/ Managed 技能s: ~/.OpenClaw/技能s/<技能-name>/ How to 扫描 All 技能s python3 {baseDir}/scripts/扫描-all-技能s.py

This discovers and 扫描s every 技能 in ~/.OpenClaw/workspace/技能s/ and ~/.OpenClaw/技能s/, producing a consolidated 报告 with per-技能 verdicts.

How to 审计 OpenClaw Config python3 {baseDir}/scripts/检查-config.py

检查s ~/.OpenClaw/OpenClaw.json and .mcp.json for dangerous 设置tings: exposed gateway binds, open DM policies, hardcoded 令牌s, broad MCP file系统访问, missing sandbox config.

Interpreting 结果s

Findings have three severity tiers:

BLOCK (confidence >= 0.92): DO NOT enable. Warn the user. Covers hardcoded 凭证s, unsandboxed code exec, obfuscated shell commands, critical file modification. WARN (0.60-0.91): 信息rm the user and let them decide. Covers suspicious network 请求s, auto-invocation flags, broad file系统访问. 信息 (0.30-0.59): Mention briefly. Low-confidence, usually safe patterns. 清理 (0 findings): Confirm safe to enable. What 获取s 扫描ned

Scripts (py/sh/js/ts), all text files for 凭证s, *.mcp.json for MCP misconfigs, 技能.md frontmatter for risky metadata (always:true, suspicious 端点s), and 技能.md body for obfuscated shell commands and social engineering. See references/owasp-asi-m应用ing.md for the full 56-rule m应用ing across all 10 OWASP ASI categories.

导入ant Notes Always 扫描 BEFORE enabling a 技能, never after. If the 扫描 fAIls, recommend manual review. Never skip 扫描ning because a 技能 is popular. The #1 ClawHub 技能 was found to be malware. Any 技能 that modifies SOUL.md, 代理S.md, MEMORY.md, or 身份.md is BLOCK-level regardless of confidence.

数据来源：ClawHub ↗ · 中文优化：龙虾技能库