Security Scan
OpenClaw
Suspicious
medium confidence
The package mostly does what it says (local cost/memory/coordination tooling) but there are a few coherence and data-sensitivity issues you should understand before installing.
Assessment Recommendations
This package appears to implement local cost, memory, compaction and coordination tools and does not fetch remote code or request credentials — but there are a few things to check before installing:
- Data exposure: several scripts run the 'openclaw status' CLI and parse its output, then write session identifiers and other status lines to local logs/reports under ~/.openclaw/bw-openclaw-boost/memory/logs and cost reports. Inspect what 'openclaw status' prints on your system; if it includes sess...
Detailed Analysis
ℹ Purpose and Capabilities
The skill's name/description match the included scripts: cost tracking, memory compaction, permission management and a local coordinator. However the SKILL.md repeatedly asserts it "does not access global ~/.openclaw" while the installer and SKILL layout install the skill into ~/.openclaw/bw-openclaw-boost — this is a borderline inconsistency (subdir under the global app directory). That installation target is plausible for an OpenClaw plugin but contradicts the stronger claim of not touching a global ~/.openclaw location.
⚠ Instruction Scope
Runtime instructions and scripts are local-only (install.sh copies files to ~/.openclaw/bw-openclaw-boost and tools run from there). Several tools call the local 'openclaw' CLI (subprocess.run(['openclaw','status'])) to read session/status lines. Parsing and persisting 'openclaw status' output (e.g., session keys/agent identifiers) into local logs/reports may capture sensitive session identifiers or metadata. The SKILL.md claims "only read-only openclaw CLI calls" which is true technically, but reading and storing status output can leak identifiers—this is scope-creep relative to a purely passive helper and should be considered when evaluating data exposure.
✓ Installation Mechanism
No remote download/install spec; the skill is instruction+local files with an install.sh that copies files into the user's home (~/.openclaw/bw-openclaw-boost) and sets execute bits. That is low risk from a supply-chain perspective (no arbitrary network fetch).
ℹ Credential Requirements
The skill requests no environment variables or external credentials, which fits its stated design. However multiple scripts parse and persist data derived from the local 'openclaw status' CLI (session keys, 'agent:' identifiers, cache percentages). While not requesting secrets, the code writes these identifiers to local logs/reports under the skill directory, which could be sensitive depending on what 'openclaw status' prints.
✓ Persistence and Privileges
always:false and no special platform-wide privileges. The installer creates a per-skill directory under ~/.openclaw and writes config/memory/logs there; it does not attempt to modify other skills or global agent config beyond placing files in ~/.openclaw/bw-openclaw-boost. This is expected for a local plugin, though the choice of parent directory (the global ~/.openclaw) is worth noting.
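Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest v1.2.4 2026/4/3
Removed all GuBao path references; the skill's local directory is now used throughout
● Harmless
Install Command
Official: npx clawhub@latest install bw-openclaw-boost
Mirror (accelerated): npx clawhub@latest install bw-openclaw-boost --registry https://cn.longxiaskill.com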