by 安全扫描
OpenClaw
安全
high confidenceThis is an instruction-only debugging workflow that is internally consistent with its stated purpose; it requests no credentials or installs and contains no code, but you should avoid pasting secrets or sensitive logs when using it and verify the author/source if that matters to you.
评估建议
This skill is an instruction-only debugging workflow and appears coherent and low-risk. Before using it: (1) do not paste secrets, API keys, or full production dumps into the 'logs' or 'environment' inputs — redact or sanitize sensitive data; (2) confirm the author/source if you require an official Red Hat integration (metadata claims 'RedHat Dev' but registry owner IDs differ in the included files); and (3) when applying fixes recommended by the skill, review and test diffs locally / in a stagi...详细分析 ▾
✓ 用途与能力
The name/description (debugging workflow) matches the contents: a step-by-step reproduce→isolate→fix→verify process. The skill declares no binaries, env vars, installs, or code, which is appropriate for an instruction-only debugging helper.
ℹ 指令范围
The SKILL.md instructs the agent to accept symptom, repro_steps, logs, and optional environment metadata. The instructions do not ask the agent to read system files, contact external endpoints, or access unrelated credentials, so scope is narrowly focused on debugging. Note: because 'environment' and 'logs' are permitted inputs, users must avoid providing secrets or sensitive production data in those fields.
✓ 安装机制
No install spec and no code files are present. This is lowest-risk: nothing is written to disk and no external packages are fetched.
ℹ 凭证需求
The skill declares no required environment variables or credentials (proportionate). However it accepts an optional 'environment' input (the doc says 'no secrets'). This is reasonable for debugging, but the skill cannot enforce that users omit secrets — avoid sending API keys, tokens, or other sensitive data in the 'environment' or 'logs' fields.
✓ 持久化与权限
always is false and the skill does not request persistent system-level presence or modify other skills. The default ability for the agent to invoke the skill autonomously is not by itself a concern here.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/4/24
Initial release of the debugging skill. - Provides a structured workflow: reproduce → isolate → fix → verify. - Defines clear inputs including error symptoms, logs, and environment details. - Includes step-by-step debugging process and validation requirements. - Outputs results in a standardized YAML format. - Emphasizes safety, test coverage, and minimal fixes. - Offers concrete examples for guidance.
● 无害
安装命令
点击复制官方npx clawhub@latest install axodus-debugging
镜像加速npx clawhub@latest install axodus-debugging --registry https://cn.longxiaskill.com