by 安全扫描
OpenClaw
安全
high confidenceNULL
评估建议
This skill appears safe: it only prints static documentation and requests no credentials or network access. Before installing, review the small script if you want full assurance and note the minor version-string mismatches (likely bookkeeping). If the publisher or repository changes in the future, re-check the code for any new network calls or credential usage.详细分析 ▾
✓ 用途与能力
The name/description (Compose reference) match the actual code: a small shell script that prints local reference text. All required resources are minimal and proportionate. Minor inconsistency: SKILL.md lists version 2.0.3, registry metadata is 2.0.4, and the script sets VERSION="2.0.2" — this is likely a bookkeeping/versioning mismatch but not a functional or security concern.
✓ 指令范围
SKILL.md instructs the agent to output plain-text reference documentation and explicitly states no external API calls or credentials. The included script only emits heredoc content and does not read other files, environment variables, or call external services.
✓ 安装机制
There is no install specification and no binaries or downloads. The skill is instruction-only plus a small local script, which is the lowest-risk install posture.
✓ 凭证需求
The skill requires no environment variables, credentials, or config paths. The script does not reference or attempt to read environment variables or secrets.
✓ 持久化与权限
always is false and the skill does not request persistent or elevated presence. It does not modify agent configuration or other skills.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv2.0.42026/3/18
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install compose
镜像加速npx clawhub@latest install compose --registry https://cn.longxiaskill.com