Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
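System Commands
v1.0.0
Executes common Windows system commands (such as ipconfig, tasklist, netstat, systeminfo, and alias commands) and returns formatted results; supports security tiers and custom configuration.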
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the code: JS scripts execute Windows commands (PowerShell/CMD) and provide alias/config support. Minor inconsistencies: README/README.md sometimes references a Python subprocess implementation while shipped code is Node.js; SKILL metadata says "instruction-only" / no OS restriction, yet the implementation and docs require Windows/PowerShell. These are likely sloppy packaging but worth noting.
Instruction Scope
SKILL.md and the scripts implement pre-defined safe commands, alias resolution, and a /system_cmd exec <command> custom mode with safety checks and time/output limits. That matches the stated scope. However custom-exec still runs arbitrary shell commands (via child_process.exec) with heuristics/regex to block dangerous patterns — such filters can be bypassed by clever inputs. The skill also hot-loads/reads config.json from disk (included in package) to resolve aliases.
Install Mechanism
No install spec or remote downloads; all code is bundled in the skill package. No network fetches or third-party install steps were observed in the manifest, which reduces supply-chain risk.
Credentials
The skill requests no environment variables or external credentials. It reads a local config.json (present in the package) which is reasonable for alias configuration. No unrelated credentials or config paths are requested.
Persistence & Privilege
always:false and agent autonomous invocation defaults are normal. The skill executes system commands as the agent process and may run commands that require elevated privileges; high-risk commands are gated by a textual confirmation mechanism (--yes). This is expected behavior but increases blast radius if the agent or skill is run with elevated rights.
What to consider before installing
This skill appears to do what it claims (run Windows commands) and contains code that enforces whitelists, timeouts and forbidden-pattern checks. Before installing:
1) Confirm you only run it on Windows test machines or VMs — the implementation expects PowerShell/CMD.
2) Review the bundled scripts (especially v3/v4) and config.json yourself; aliases can expand into commands.
3) If you don't need custom command execution, disable or remove the /system_cmd exec feature to avoid arbitrary command execution.
4) Don't grant the agent or this skill administrative privileges; high-risk operations will still run if invoked with elevated rights.
5) Be aware filters use regex/heuristics and could be bypassed; consider running the skill in an isolated environment and auditing logs.
6) Note the packaging inconsistencies (docs mentioning Python, metadata claiming instruction-only), which suggest the package may have been assembled sloppily — request the author clarify or provide a clean, single-language implementation if you require higher assurance.
Like a lobster shell, security has layers — review code before you run it.
latestvk97f971e3pmw4z5d77wr8hszhx84hehn
