by 安全扫描
OpenClaw
安全
high confidenceNULL
评估建议
This skill appears to implement a local-only scanner and is internally consistent with its purpose. Before running: (1) manually inspect scan.py if you want to be extra cautious (it contains many base64-encoded regexes used to detect malicious patterns); (2) note the small README vs. file-location mismatch (SKILL.md references scripts/scan.py while the file is at the root) — adjust the command accordingly; (3) run the scanner on a copy or in an isolated environment if you're scanning untrusted s...详细分析 ▾
✓ 用途与能力
Name and description match the included SKILL.md and scan.py: both describe a local scanner for OpenClaw skills. No unrelated credentials, binaries, or config paths are requested.
ℹ 指令范围
SKILL.md instructs the agent to ask for a skill path (or scan installed skills) and run the included Python scanner — this stays within the stated purpose. Minor inconsistency: the README shows running scripts/scan.py but the provided file is at the repository root (scan.py). Nothing in the instructions directs the agent to read unrelated system files or transmit data externally.
✓ 安装机制
No install spec is provided (instruction-only plus a single Python script). This is low-risk: nothing will be downloaded or written to disk by an installer step beyond the existing files.
✓ 凭证需求
The skill requires no environment variables or credentials. It reads (with user approval) skill files under the user's skill directories, which is expected for a scanner. Requested file access is proportional to its purpose.
✓ 持久化与权限
The skill does not request always-on presence and does not attempt to modify other skills or system-wide agent settings. The default autonomy setting is present but not combined with any concerning privileges.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.22026/3/13
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install clawskillguard
镜像加速npx clawhub@latest install clawskillguard --registry https://cn.longxiaskill.com