Cron Evaluator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly analyzes cron jobs, but it also imports and loads local helper/model files from unreviewed paths in ways that could execute code if those files exist or are replaced.
Review or remove the KAN model-loading pieces before installing. If you use it, run only the basic cron scan on trusted files, avoid unreviewed model checkpoints, and be aware that cron command lines may contain sensitive information.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the v3 analyzer could execute code embedded in a local model file if that file is malicious or replaced.
torch.load with weights_only=False can unpickle and execute code from a checkpoint. The model file is referenced but not included in the reviewed manifest, so its provenance is unclear.
MODEL_PATH = 'models/cron_kan.pt' ... checkpoint = torch.load(MODEL_PATH, map_location='cpu', weights_only=False)
Use a reviewed model file with a checksum, load only safe state_dict weights, and prefer weights_only=True or another safe serialization format.
If a file named kan_auto_evolution.py exists at that path, running v2 may execute unreviewed local code unrelated to the packaged skill.
The script adds an absolute external directory to Python's module search path and imports a helper that is not present in the skill manifest. Importing that module would run its top-level code.
sys.path.insert(0, '/mnt/Morgana')
try:
    from kan_auto_evolution import KANAutoEvolver
Remove the hardcoded external import, bundle and review any required helper, or make it an explicit, pinned dependency.
Cron entries can reveal private file paths, internal service names, or secrets embedded in command lines.
The analyzer reads local crontab data and hardcoded workspace crontab files. This is aligned with cron auditing, but it brings cron command contents into the agent's output.
crontab_file = Path(path) / '.openclaw' / 'crontab' ... result = os.popen('crontab -l 2>/dev/null').read()
Run scans only when you are comfortable sharing the displayed cron commands with the agent, and prefer a workspace-specific scan when possible.
