Security Scan
OpenClaw
Suspicious
high confidence
Assessment Recommendations
Do NOT install this skill into a production agent without review and changes. Specific issues to consider:
- generate-birth-id.js writes private_key in plaintext into ~/.openclaw/birth-info.json; this is sensitive and the README warns encryption is preferred but the code does not enforce it. Replace with encrypted storage or remove storing of raw private_key.
- decrypt-wallet.js prints the private key to stdout by default (contradicts SKILL.md which promises 'NEVER show full private key'). Modif...
⚠ Purpose and Capabilities
Name/description claim birth, pack/unpack, and lineage management — that is consistent with the included scripts. However the pack script includes workspace/skills/memory and system metadata (hostname/platform) when creating migration archives, which is broader than a minimal 'birth id' manager and can cause unintentional bundling of arbitrary user data. The SKILL metadata indicates no required env vars, but code relies on several (IS_CLONE, BIRTH_PRIVATE_KEY_PASSWORD, BIRTH_PACK_PASSWORD, OPENCLAW_WORKSPACE etc.), so the declared capabilities do not fully match what the code needs.
⚠ Instruction Scope
SKILL.md asserts 'All operations local, no network calls' and 'Passwords via env only' and promises 'NEVER show full private key' on decryption. The code contradicts this: generate-birth-id.js stores raw private_key in birth-info.json, decrypt-wallet.js prints the private key to stdout by default (unless the user sets DECRYPT_OUTPUT_TO_FILE), and pack.js embeds the pack password in the generated MIGRATION.md (leaking the password inside the package). pack.js also collects hostname/platform and may include workspace/skills/memory directories in the archive — this can unintentionally capture sensitive files. These are scope and data-handling mismatches with the SKILL.md promises.
ℹ Installation Mechanism
There is no external install spec (no network downloads), so nothing is fetched from unknown URLs at install time; that is lower risk. The package includes multiple Node.js scripts and implicitly requires Node modules (ethers, archiver), but the metadata only lists 'node' as a required binary; dependency installation is not declared. No extract-from-URL installs were found.
⚠ Credential Requirements
The skill metadata declares no required env vars, but the code uses and/or relies on many environment settings: IS_CLONE (behavior change), BIRTH_PRIVATE_KEY_PASSWORD (decrypt private keys), BIRTH_PACK_PASSWORD (pack encryption password; defaults to 'default-secret-password' when unset), DECRYPT_OUTPUT_TO_FILE (controls writing private key to file), OPENCLAW_CONFIG_PATH/OPENCLAW_WORKSPACE (paths). Requiring or using private-key passwords and writing/reading birth-info.json are highly sensitive actions; the lack of declared credentials and the presence of an insecure default password in pack.js are disproportionate and not properly advertised.
ℹ Persistence and Permissions
The skill does not request 'always: true' and is user-invocable only — normal. It reads and writes the user's ~/.openclaw/birth-info.json and creates files under /tmp and ~/Desktop or the target dir during pack/unpack. That file I/O is expected for a birth/pack/unpack tool, but because of the sensitive nature of what it writes (plaintext private_key, encrypted backups, MIGRATION.md with password), the persistence behavior increases risk if installed without careful review.
Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest v1.2.0 2026/3/8
● Suspicious
Install Command
Official: npx clawhub@latest install birth-system-manager
Mirror (accelerated): npx clawhub@latest install birth-system-manager --registry https://cn.longxiaskill.com