by 安全扫描
OpenClaw
安全
high confidenceThe skill's files and runtime instructions are coherent with a CTF binary-exploitation reference: it asks for tool installation and describes many pwn techniques, and it does not request unrelated credentials or hidden network endpoints.
评估建议
This skill is essentially a large offline reference and cookbook for binary exploitation; that matches its name. Before installing or enabling it: (1) confirm you trust the publisher/source — the package contains detailed exploit recipes that you probably don't want running on a production host; (2) run the agent (and any tool installs the SKILL.md recommends) in a disposable/sandboxed environment (VM or container) because the instructions encourage installing and running low-level tooling and e...详细分析 ▾
ℹ 用途与能力
The name/description match the contents: extensive pwn techniques (overflows, ROP, heap, kernel, Windows, sandbox escapes) and install instructions for pwntools/ROP tools. One inconsistency: the SKILL.md metadata sets 'user-invocable: "false"' while registry metadata lists the skill as user-invocable (default true). This is a metadata mismatch to be aware of but does not indicate hidden behavior.
ℹ 指令范围
SKILL.md contains installation and usage instructions (pip, gem, apt, brew, qemu, gdb, etc.) and many exploit recipes. All actions are aligned with a pwn reference. The instructions assume internet access and the ability to run shell/python commands and write files (pwntools scripts, QEMU images). They do not instruct reading unrelated host secrets or calling external endpoints not related to tool installation, but they do imply installing third-party tools from the network and running potentially risky exploit/test code.
✓ 安装机制
Instruction-only skill (no install spec, no code files executed by an installer). The SKILL.md recommends installing packages via pip/apt/brew/gem, which is expected for this domain. No downloaded archives or obscure URLs in an automated install step are embedded in the skill package itself.
✓ 凭证需求
The skill declares no required environment variables, credentials, or config paths. The requested capabilities (filesystem agent with bash/Python and internet access) are reasonable for running pwntools/ROP tooling.
✓ 持久化与权限
The skill does not request 'always: true' and is not attempting to modify other skills or system-wide agent settings. It does list allowed-tools that include write/edit (consistent with creating exploit scripts), but it doesn't demand permanent presence or elevated platform privileges in metadata.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install ctf-pwn
镜像加速npx clawhub@latest install ctf-pwn --registry https://cn.longxiaskill.com 镜像可用