by 安全扫描
OpenClaw
可疑
medium confidenceThe skill's stated purpose (an AI security scanner) is plausible, but its runtime instructions ask you to fetch and run code from an external GitHub repo and reference integrations (ClamAV, Telegram, cron deployment, host-level scans) without declaring required binaries, credentials, or integrity checks — these inconsistencies merit caution before installing.
评估建议
This skill appears to be a legitimate security scanner, but it asks you (or the agent) to fetch and run code from an external GitHub repository and references integrations (ClamAV, Telegram, cron) without declaring required binaries or credentials. Before installing or running it: 1) review the referenced GitHub repo source (src/scanner.py and deployment scripts) and a pinned commit or tag; 2) confirm what environment variables and host binaries (ClamAV, Telegram bot token) it will actually need...详细分析 ▾
ℹ 用途与能力
The name and description (security scanner + runtime guard + ClamAV + audit logging) align with the SKILL.md content. However the skill claims ClamAV integration, Telegram alerting, and 'deployed on this instance' status while the registry metadata lists no required binaries, env vars, or config paths. That mismatch (external integrations declared but not requested) is unexpected.
⚠ 指令范围
SKILL.md explicitly instructs cloning a GitHub repository into the agent workspace and running python3 projects/OpenClaw-Shield/src/scanner.py against arbitrary paths. The scanner is documented to check sensitive locations (e.g., ~/.ssh, ~/.aws) and to enforce allowlists and cron-based automated scans. Running downloaded scanner code with access to host files (and potentially modifying cron/allowlists) goes beyond a purely informational skill and requires careful review and least-privilege controls.
⚠ 安装机制
The skill is instruction-only (no bundled code) but tells the operator/agent to git clone a third-party GitHub repository at runtime. There are no checksums, release tags, or pinned commit references; fetching and executing remote code without integrity verification is a supply-chain risk. Although no install spec is provided in the registry, the runtime actions effectively perform an install from an external source.
⚠ 凭证需求
Registry metadata declares no required environment variables or binaries, but the documentation references ClamAV, Telegram alerting, and host-level scanning. Telegram integration implies a bot token/endpoint; ClamAV requires a host binary or daemon. The scanner also inspects sensitive paths. Required credentials and binaries are not declared, which is disproportionate and obscures what secrets/privileges the tool will need.
ℹ 持久化与权限
The skill is not marked always:true and allows model invocation (default). SKILL.md suggests setting up daily cron scans and enabling runtime guards via repo config files; if followed, these actions would create persistent scheduled jobs and potentially change local allowlists. That behavior is powerful but not automatically enabled by the registry — still verify cron/installation steps before applying.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install openclaw-shield-1-0-3
镜像加速npx clawhub@latest install openclaw-shield-1-0-3 --registry https://cn.longxiaskill.com 镜像可用
本土化适配说明
Openclaw Shield 1.0.3 — 安全防护工具 安装说明: 安装命令:["openclaw skills install openclaw-shield-1-0-3","npx clawhub@latest install openclaw-shield-1-0-3"]