Security Scan
OpenClaw
Suspicious
medium confidence
Assessment Recommendations
This skill generally does what it says (maintain a SOUL.md and run a reflection pipeline) but contains several red flags you should address before installing:
- The skill asks for API keys (MOLTBOOK_API_KEY, X_BEARER_TOKEN) in its docs but the registry lists no required env vars — expect the skill will prompt for keys at runtime. Prefer to provide env var names (not raw keys), or set the vars yourself instead of pasting keys into an agent prompt.
- SKILL.md/configure.md instruct the agent to ...
⚠ Purpose and Capabilities
The skill legitimately wants to ingest external feeds (Moltbook/X) to evolve an agent's SOUL, so requesting API access is coherent — but the registry metadata declares no required env vars or primary credential while the runtime config and guides reference MOLTBOOK_API_KEY and X_BEARER_TOKEN. That mismatch (no declared env but explicit runtime use) is inconsistent and unexplained.
⚠ Instruction Scope
SKILL.md and configure.md are written directly to the agent and instruct it to: prompt for raw API keys, write them into the user's shell profile (.zshrc/.bashrc/.profile), export them into the current session, read and modify OpenClaw config (e.g., ~/.openclaw/config.json), create/enforce a tight memory file structure, and create/remove cron jobs. These are system-level changes outside the agent workspace and broaden the skill's scope beyond simple data handling.
ℹ Installation Mechanism
There is no remote install script or network download — the skill is instruction-heavy and ships code files (validators, a visualizer). No external installers or downloads are used, which reduces some risk. However, the presence of multiple Python tools/validators means code will run in the agent's environment — review them before trusting the skill.
⚠ Credential Requirements
Although feed API keys are plausible for the stated purpose, the skill (a) didn't declare required env vars in the registry metadata and (b) encourages automatically saving raw keys into shell startup files. Requiring raw user API keys and writing them to persistent shell profiles without explicit human-run commands is disproportionate and increases the risk of secret exposure or accidental misuse.
⚠ Persistence and Permissions
The skill isn't marked always:true (good), but it explicitly instructs the agent to create persistent artifacts: env exports in user shell profiles, cron jobs, and edits to OpenClaw heartbeat/agent config. Those actions grant long-lived, cross-agent influence and increased privilege beyond the workspace; combined with the default of autonomous invocation, this raises the blast radius if misused.
Security has layers; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest: v1.0.1 (2026/2/17)
● Suspicious
Install Command
Official: npx clawhub@latest install evoclaw
Mirror (accelerated): npx clawhub@latest install evoclaw --registry https://cn.longxiaskill.com