中文 网站部署
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Install only if you want an agent to help run deployment commands. Before use, verify the project directory contains no secrets, confirm Docker Hub and server targets, and manually review DNS changes because they affect public traffic. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run with the wrong project directory, image name, or server target, the agent could publish the wrong files or start a public service unintentionally.
The skill explicitly calls for shell execution and Docker commands that build, push, and run containers. This is central to website deployment, but these commands can change the local machine, Docker Hub, and a server.
| `exec` | 执行 Docker 命令 | 是 | ... docker build ... docker push ... docker run -d -p 80:80
Review each command, use a clean project directory, add a .dockerignore for secrets, and confirm image names, ports, and server targets before execution.
The agent may act using accounts that can publish images, modify server state, or change domain routing.
The deployment flow expects access to Docker Hub, a server, and a domain registrar or DNS provider. These credentials are expected for the stated purpose, but they grant account and infrastructure authority.
docker login ... Docker Hub 账户 | 已有 ... 服务器 | SSH 访问 ... 域名 | 已注册
Use least-privilege accounts or scoped tokens where possible, avoid sharing passwords directly, and confirm any Docker Hub, SSH, or DNS changes.
Incorrect DNS records could point a domain to the wrong server or make the site unavailable until records are corrected and propagation completes.
DNS changes propagate publicly and can take time to reverse. This is normal for a deployment skill, but mistakes can affect site availability beyond the current session.
添加 DNS 记录:- A 记录:@ → <服务器IP> - CNAME:www → @ ... 等待 DNS 传播(5分钟-48小时)
Confirm the domain, target IP, and rollback plan before changing DNS records.