📊 dexter — Intelligent Financial Research

v1.0.0

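An autonomous financial research agent that automatically analyzes stocks, financial statements, metrics, prices, SEC filings, and crypto data, and generates in-depth investment insights in one click.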

0 · 2.7k · 13 current · 13 total
Last updated: 2026/4/22
Security scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Assessment recommendations
Before installing: (1) Inspect the GitHub repo (https://github.com/virattt/dexter) manually — review package.json, src code, network calls, and the sed change to tool-executor.ts — do not run bun install blindly. (2) Do not store high-privilege or reused API keys in the .env in plaintext on a host you care about; prefer scoped/test keys. (3) Run the install and the skill in an isolated, non-root environment (container or VM) and restrict network access if possible. (4) Confirm why the registry m...
Detailed analysis
Purpose and capabilities
The skill's purpose (stock/crypto research) matches the need to talk to market data and LLM providers, but the registry metadata declares no required environment variables or credentials while SKILL.md requires multiple API keys (Anthropic, FinancialDatasets, Tavily). That mismatch is incoherent and unexplained. The instructions also hardcode cloning a repository from an unknown GitHub account (virattt) — plausible for implementation but increases trust requirements.
Instruction scope
SKILL.md instructs the agent/operator to: git clone an external repo, run bun install (install packages), create a .env with multiple API keys, patch source files via sed, write config and helper scripts, and run tmux sessions. These actions download and modify code and require placing secrets on disk. The instructions operate outside a purely read-only querying scope and grant broad discretion to execute arbitrary code from the cloned repo.
Install mechanism
There is no formal install spec; instead the SKILL.md tells you to clone https://github.com/virattt/dexter.git and run bun install. Downloading and executing dependencies from an unvetted GitHub repository and running its JS toolchain is a moderate-to-high risk install pattern (archive/external code will be written and executed). GitHub itself is a known host, but the author/account is not verified and the repo will run arbitrary dependencies.
Credential requirements
Registry lists no required env vars, but the instructions require at least three API keys (ANTHROPIC_API_KEY, FINANCIAL_DATASETS_API_KEY, optional TAVILY_API_KEY) and instruct creating a .env file that stores them. Requesting LLM and market-data API keys is sensible for the stated purpose, but the absence of these declarations in the registry metadata is an inconsistency. The instructions also suggest storing keys in plaintext under the skill workspace (risky if not isolated).
Persistence and privileges
The skill does not request always:true and does not declare system-wide changes beyond its own workspace. However, it instructs creating files under /root/clawd-workspace/dexter and patching repository source files (sed). Running the code will allow autonomous network access to external APIs (normal for this use case) — consider this an ordinary but significant persistence and network privilege that should be confined to an isolated environment.
Security is layered; review the code before running.

Runtime dependencies

🖥️ OS: macOS · Linux

Versions

latest · v1.0.0 · 2026/1/11

Suspicious

Install command

Official: npx clawhub@latest install dexter
Mirror (accelerated): npx clawhub@latest install dexter --registry https://cn.longxiaskill.com
Data source: ClawHub · Chinese localization: 龙虾技能库