Agent Security Skill Scanner Gitee

Security checks across malware telemetry and agentic risk

Overview

The scanner’s stated purpose is plausible, but its instructions start background automation whose source is missing from the package and point at an install source that does not match the registry listing, so it should be reviewed before use.

Install only from the repository/version you intended to trust, avoid running the documented daemon or missing helper scripts until their source is available, and use limited API keys if enabling LLM analysis or webhooks.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI04: Agentic Supply Chain Vulnerabilities
Medium
What this means

A user could be guided to install or run code from a different repository than the reviewed skill package.

Why it was flagged

The install command in the documentation clones from github.com, but the registry/homepage repository shown for this skill is a different repository. Two sources that can diverge leave it ambiguous which code a user or agent is actually expected to trust and run.

Skill content
git clone https://github.com/agent-security/scanner.git
Recommendation

Pin one authoritative repository and version, align the registry metadata with the install instructions, and avoid directing users to unreviewed alternate sources.
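One way to make the mismatch above a mechanical check rather than a judgement call. This is an added example, not ClawScan's or the skill's own code: it normalises git remotes (https://, ssh://, scp-style and `.git` spellings) to a host/owner/repo triple and compares the URL passed to `git clone` in SKILL.md with the registry homepage. The Gitee homepage URL below is constructed; only the github.com clone line comes from the skill content shown.

```python
import re
from urllib.parse import urlparse

# Added example for this report (not ClawScan or the skill's own code): reduce
# any git remote spelling to (host, owner, repo) so that https://, ssh://,
# scp-style "git@host:owner/repo.git" and ".git" variants compare equal.
SCP_LIKE_RE = re.compile(r"^(?:[\w.-]+@)?([\w.-]+):(.+)$")
CLONE_RE = re.compile(r"\bgit\s+clone\s+([^\n]+)")


def repo_identity(url):
    url = url.strip()
    if "://" in url:
        parsed = urlparse(url)
        host, path = parsed.hostname or "", parsed.path
    else:
        m = SCP_LIKE_RE.match(url)
        if not m:
            raise ValueError(f"unrecognised git remote: {url!r}")
        host, path = m.group(1), m.group(2)
    parts = [p for p in path.strip("/").split("/") if p]
    if len(parts) < 2:
        raise ValueError(f"remote has no owner/repo path: {url!r}")
    owner, repo = parts[0], parts[1]
    if repo.endswith(".git"):
        repo = repo[:-4]
    return host.lower(), owner.lower(), repo.lower()


def extract_clone_urls(skill_md):
    """Remote URLs passed to `git clone` in the skill's documentation."""
    urls = []
    for rest in CLONE_RE.findall(skill_md):
        for tok in rest.split():
            if tok.startswith("-"):
                continue  # option such as --depth; its value never looks like a remote
            if "://" in tok or SCP_LIKE_RE.match(tok):
                urls.append(tok)
                break
    return urls


def provenance_mismatch(install_url, registry_url):
    """None when both name the same repository, otherwise an explanation."""
    src, reg = repo_identity(install_url), repo_identity(registry_url)
    if src == reg:
        return None
    return f"install clones {'/'.join(src)} but the registry lists {'/'.join(reg)}"


# Constructed sample: the install line from the reviewed SKILL.md, plus a
# gitee.com homepage standing in for the registry listing (path assumed).
SKILL_MD_SAMPLE = (
    "Install:\n\n"
    "    git clone https://github.com/agent-security/scanner.git\n"
    "    cd scanner\n"
)
REGISTRY_HOMEPAGE = "https://gitee.com/agent-security/scanner"


def review(skill_md=SKILL_MD_SAMPLE, registry_url=REGISTRY_HOMEPAGE):
    """One note (or None) per clone command found in the docs."""
    return [provenance_mismatch(u, registry_url) for u in extract_clone_urls(skill_md)]


if __name__ == "__main__":
    for note in review():
        print(note or "install source matches registry")
```

Exact-host comparison is deliberate: a fork under the same owner name on another host, or the same repository name under another owner, is exactly the provenance ambiguity this finding describes, so neither is treated as a match.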

#
ASI04: Agentic Supply Chain Vulnerabilities
Medium
What this means

Following the docs may require running missing or externally obtained helper code whose behavior was not included in this review.

Why it was flagged

The instructions reference lingshun_scanner_daemon.py and related automation scripts, but those files are not present in the supplied manifest, so their behavior is not reviewable here.

Skill content
nohup python3 lingshun_scanner_daemon.py > logs/daemon.log 2>&1 &
Recommendation

Include all referenced runtime helpers in the package, or remove those commands until the source, scope, and version are reviewable.
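The "referenced but not shipped" condition can be checked before anything is run. The following is an added example, not ClawScan's or the skill's code: it pulls script names out of the commands in SKILL.md (interpreter invocations such as `python3 x.py` or `bash x.sh`, and direct `./x` invocations at the start of a command) and lists those with no match in the package manifest. The SKILL.md excerpt and manifest are constructed around the commands this report quotes; `lingshun_scanner_daemon.py` is the only referenced file missing from the constructed manifest.

```python
import re
from pathlib import PurePosixPath

# Added example (not ClawScan code): find helper scripts the skill's docs tell
# the user to run, and report those absent from the package manifest.
INTERP_RE = re.compile(r"\b(?:python3?|bash|sh|node)\s+(?:-[\w-]+\s+)*([\w./-]+\.(?:py|sh|js))\b")
# "./something" only where it starts a command, so path arguments are not mistaken for scripts
DIRECT_RE = re.compile(r"(?:^|&&|;|\|)\s*(?:nohup\s+)?(\./[\w./-]+)")


def referenced_scripts(skill_md):
    found = set()
    for line in skill_md.splitlines():
        found.update(INTERP_RE.findall(line))
        found.update(DIRECT_RE.findall(line))
    return found


def missing_helpers(skill_md, manifest):
    """Referenced scripts with no exact-path or basename match in the manifest (sorted)."""
    paths = {PurePosixPath(p).as_posix() for p in manifest}
    basenames = {PurePosixPath(p).name for p in manifest}
    missing = []
    for ref in sorted(referenced_scripts(skill_md)):
        norm = PurePosixPath(ref)  # drops a leading "./"
        if norm.as_posix() not in paths and norm.name not in basenames:
            missing.append(ref)
    return missing


# Constructed SKILL.md excerpt built around the commands quoted in this report.
SKILL_MD_SAMPLE = """\
## Install
git clone https://github.com/agent-security/scanner.git
cd scanner && bash ./scripts/install.sh
python3 -m pip install -r requirements.txt

## Run
python3 scanner/cli.py --path ./target
nohup python3 lingshun_scanner_daemon.py > logs/daemon.log 2>&1 &
"""
# Constructed manifest: what the package ships. The daemon is not in it.
MANIFEST_SAMPLE = [
    "SKILL.md",
    "requirements.txt",
    "scripts/install.sh",
    "scanner/__init__.py",
    "scanner/cli.py",
]

if __name__ == "__main__":
    for name in missing_helpers(SKILL_MD_SAMPLE, MANIFEST_SAMPLE):
        print(f"referenced in docs but not in package: {name}")
```

The basename fallback is lenient on purpose (docs often say `./install.sh` for a file that lives under `scripts/`); tighten it to exact paths if the package layout is fixed.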

#
ASI10: Rogue Agents
Medium
What this means

A background scanner or optimizer could continue consuming resources or processing files after the user expected the task to be done.

Why it was flagged

This command starts a background daemon that can keep running after the immediate user task, but the artifacts do not define its operating scope, stop procedure, or containment.

Skill content
nohup python3 lingshun_scanner_daemon.py > logs/daemon.log 2>&1 &
Recommendation

Do not run the daemon commands until the helper source is present and the documentation clearly states what it monitors, how long it runs, where it writes data, and how to stop it.
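If, after the helper source has been reviewed, a background helper is still to be run, the missing properties the recommendation lists (where it writes, how long it runs, how to stop it) can be imposed from outside rather than trusted from the docs. The wrapper below is an added example, not the skill's code: it starts the helper in its own session, enforces a wall-clock limit from inside that session so the limit survives the launcher exiting, writes the log to a known path under the working directory, records a pidfile, and provides a stop procedure that terminates the whole process group. POSIX only. The helper command used in the demo is a constructed stand-in (a sleeping Python process), not `lingshun_scanner_daemon.py`.

```python
import os
import signal
import subprocess
import sys
import tempfile
import time
from pathlib import Path

# Added example (not the skill's code). Shim run *inside* the new session: it
# enforces the wall-clock limit even if the launching process is gone.
# Exit code 124 mirrors timeout(1).
_SHIM = (
    "import subprocess, sys\n"
    "try:\n"
    "    sys.exit(subprocess.call(sys.argv[2:], timeout=float(sys.argv[1])))\n"
    "except subprocess.TimeoutExpired:\n"
    "    sys.exit(124)\n"
)


def start_contained(helper_cmd, workdir, max_seconds, name="helper"):
    """Launch helper_cmd detached in its own process group; returns the shim Popen."""
    workdir = Path(workdir)
    (workdir / "logs").mkdir(parents=True, exist_ok=True)
    log = open(workdir / "logs" / f"{name}.log", "ab")
    proc = subprocess.Popen(
        [sys.executable, "-c", _SHIM, str(max_seconds), *helper_cmd],
        cwd=workdir, stdin=subprocess.DEVNULL, stdout=log, stderr=subprocess.STDOUT,
        start_new_session=True,  # new session/group: stop_contained can kill all of it
    )
    log.close()  # the child holds its own descriptor
    (workdir / f"{name}.pid").write_text(f"{proc.pid}\n")
    return proc


def is_alive(pid):
    try:
        return os.waitpid(pid, os.WNOHANG)[0] == 0  # reaps it if it is our child
    except ChildProcessError:  # not our child (e.g. stopping from another shell)
        try:
            os.kill(pid, 0)
            return True
        except ProcessLookupError:
            return False


def stop_contained(workdir, name="helper", grace=3.0):
    """SIGTERM the group recorded in the pidfile; SIGKILL it after `grace` seconds."""
    pidfile = Path(workdir) / f"{name}.pid"
    if not pidfile.exists():
        return False
    pid = int(pidfile.read_text().split()[0])
    try:
        os.killpg(pid, signal.SIGTERM)  # pid is the session leader, so pgid == pid
    except ProcessLookupError:
        pidfile.unlink()
        return False
    deadline = time.monotonic() + grace
    while is_alive(pid) and time.monotonic() < deadline:
        time.sleep(0.05)
    if is_alive(pid):
        os.killpg(pid, signal.SIGKILL)
        while is_alive(pid):
            time.sleep(0.05)
    pidfile.unlink()
    return True


def run_demo():
    """Constructed stand-in helper: a process that would otherwise run for a minute."""
    sleeper = [sys.executable, "-c", "import time; time.sleep(60)"]
    work = tempfile.mkdtemp(prefix="contained-")
    # 1) bounded lifetime: a 1-second limit ends the helper with no operator action
    expired_rc = start_contained(sleeper, work, max_seconds=1, name="expiring").wait(timeout=15)
    # 2) explicit stop: pidfile + process group make the stop procedure deterministic
    proc = start_contained(sleeper, work, max_seconds=60, name="daemon")
    was_running = is_alive(proc.pid)
    stopped = stop_contained(work, name="daemon")
    return {"expired_rc": expired_rc, "was_running": was_running, "stopped": stopped,
            "still_alive": is_alive(proc.pid),
            "log_path": str(Path(work) / "logs" / "daemon.log")}


if __name__ == "__main__":
    print(run_demo())
```

This bounds runtime, output location and teardown; it does not bound what the helper reads or sends, so it is a complement to reviewing the helper's source, not a substitute for it.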

#
ASI03: Identity and Privilege Abuse
Low
What this means

Users may need to provide provider credentials that are not visible in the registry’s declared credential contract.

Why it was flagged

The skill documents an optional LLM API key for analysis; this is expected for the advertised LLM feature, but the registry metadata declares no environment variables or primary credential.

Skill content
export LLM_API_KEY=your_api_key
Recommendation

Declare optional credentials and document the minimum required scope; users should use a dedicated, limited API key.

#
ASI07: Insecure Inter-Agent Communication
Low
What this means

Sensitive source code or security findings could be sent to an external provider if LLM analysis is enabled.

Why it was flagged

The optional LLM analysis feature implies sending scanned code or findings to a configured external LLM endpoint; this is purpose-aligned but affects data boundaries.

Skill content
export LLM_API_URL=https://api.example.com/v1/chat
Recommendation

Use only trusted LLM endpoints, review provider retention policies, and avoid enabling LLM analysis on confidential code unless approved.
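A gate of the kind the recommendation calls for, as an added example (not the skill's code): before any scanned content leaves the host, the configured `LLM_API_URL` must be https, carry no embedded credentials, and match an exact-host allowlist; analysis is refused outright for confidential input; and obvious secrets are redacted from what is sent. The allowlist, the redaction rules and the sample code are constructed (the key formats are placeholders from public documentation, not real credentials).

```python
import re
from urllib.parse import urlparse

# Added example (not the skill's code). Constructed allowlist: replace with the
# providers your organisation has actually approved. Exact host match only.
APPROVED_LLM_HOSTS = {"api.example.com"}

# Constructed redaction rules; extend with your own secret formats.
SECRET_PATTERNS = [
    ("aws-access-key", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private-key", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----")),
    ("assigned-secret", re.compile(
        r"(?i)\b(api[_-]?key|secret|token|password)(\s*[:=]\s*)(['\"])[^'\"]+\3")),
]


def endpoint_check(url, approved_hosts=APPROVED_LLM_HOSTS):
    """(ok, reason) for an LLM_API_URL value."""
    p = urlparse(url)
    if p.scheme != "https":
        return False, "scheme must be https"
    if p.username or p.password:
        return False, "credentials embedded in URL"
    if (p.hostname or "").lower() not in approved_hosts:
        return False, f"host {p.hostname!r} is not an approved LLM provider"
    return True, "ok"


def redact(text):
    """Replace recognised secrets; returns (redacted_text, {label: count})."""
    counts = {}
    for label, rx in SECRET_PATTERNS:
        if label == "assigned-secret":  # keep the variable name, drop only the value
            text, n = rx.subn(
                lambda m: f"{m.group(1)}{m.group(2)}{m.group(3)}[REDACTED:assigned-secret]{m.group(3)}",
                text)
        else:
            text, n = rx.subn(f"[REDACTED:{label}]", text)
        if n:
            counts[label] = n
    return text, counts


def prepare_llm_request(url, code, confidential):
    """Decide whether analysis may leave the host; returns (allowed, reason, payload)."""
    if confidential:
        return False, "confidential code: LLM analysis disabled", None
    ok, reason = endpoint_check(url)
    if not ok:
        return False, reason, None
    body, counts = redact(code)
    return True, "ok", {"endpoint": url, "content": body, "redactions": counts}


def prepare_from_env(environ, code, confidential):
    """Same gate driven by the LLM_API_URL variable the skill documents."""
    url = environ.get("LLM_API_URL")
    if not url:
        return False, "LLM_API_URL not set", None
    return prepare_llm_request(url, code, confidential)


# Constructed sample of code a scan might otherwise forward verbatim.
SAMPLE_CODE = '''import boto3
AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
api_key = "sk-live-0123456789"
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA
-----END RSA PRIVATE KEY-----
'''

if __name__ == "__main__":
    print(prepare_llm_request("https://api.example.com/v1/chat", SAMPLE_CODE, confidential=False))
```

Redaction is a backstop, not a data-classification control: the `confidential` flag is what keeps protected code from leaving at all, and the allowlist is what keeps a typo'd or attacker-supplied `LLM_API_URL` from becoming an exfiltration channel.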

#
ASI09: Human-Agent Trust Exploitation
Low
What this means

Users might over-trust the scanner’s results and skip human review or independent validation.

Why it was flagged

The documentation makes very strong security-performance claims, including a 100% detection rate. The artifacts include validation data, but it is self-reported by the skill’s author, so users should not treat those figures as independent assurance.

Skill content
**Detection rate (DR)** | **100%**
Recommendation

Treat the scanner as an aid, validate it on your own samples, and keep human review for high-risk findings.
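A small harness for the "validate it on your own samples" step, added here as an example and not part of the skill: it scores verdicts against your own labelled corpus and attaches a Wilson lower confidence bound to the detection rate, which makes clear what a reported 100% can and cannot mean at a given sample size. The verdict list is constructed; `evaluate` takes whatever `(is_malicious, flagged)` pairs your own run produces.

```python
import math

# Added example (not from the skill): score the scanner on your own labelled
# samples and attach a confidence bound, so a self-reported "100%" can be
# compared with what a corpus of that size can actually support.


def wilson_lower(successes, trials, z=1.96):
    """Lower end of the Wilson score interval for a proportion (95% by default)."""
    if trials == 0:
        raise ValueError("no trials")
    p = successes / trials
    z2 = z * z
    denom = 1 + z2 / trials
    centre = (p + z2 / (2 * trials)) / denom
    half = z * math.sqrt(p * (1 - p) / trials + z2 / (4 * trials * trials)) / denom
    return max(0.0, centre - half)


def evaluate(samples):
    """samples: iterable of (is_malicious, flagged) booleans from your own corpus."""
    tp = fn = fp = tn = 0
    for malicious, flagged in samples:
        if malicious and flagged:
            tp += 1
        elif malicious:
            fn += 1
        elif flagged:
            fp += 1
        else:
            tn += 1
    positives, negatives = tp + fn, fp + tn
    return {
        "tp": tp, "fn": fn, "fp": fp, "tn": tn,
        "detection_rate": tp / positives if positives else None,
        "detection_rate_lower95": wilson_lower(tp, positives) if positives else None,
        "false_positive_rate": fp / negatives if negatives else None,
    }


# Constructed verdicts: 8 known-malicious samples (6 caught), 12 benign (1 flagged).
SAMPLE_VERDICTS = (
    [(True, True)] * 6 + [(True, False)] * 2 + [(False, True)] + [(False, False)] * 11
)

if __name__ == "__main__":
    print(evaluate(SAMPLE_VERDICTS))
    # What a perfect score is worth at small sample sizes:
    for n in (20, 100, 400):
        print(f"{n}/{n} detected -> 95% lower bound {wilson_lower(n, n):.3f}")
```

On the constructed corpus the detection rate is 0.75 with a false-positive rate of 1/12. The second loop is the point of the example: a perfect 20/20 has a 95% lower bound of about 0.84, so a headline "100%" without the sample size behind it says little.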