总结
Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: zongjie
Version: 1.0.5

The `SKILL.md` file explicitly instructs the AI agent to execute shell commands, specifically `python3 ~/.openclaw/scripts/memory_mgr.py add <agent> "<内容>" P1 L1` and similar commands in the '常用命令' ("common commands") section. These commands pass user-derived content (the `"<内容>"` placeholder, i.e. the memory text) as arguments directly to a shell. This design introduces a significant shell injection vulnerability: if that input is not properly sanitized or quoted, a malicious user could execute arbitrary commands on the host system. Although this amounts to a critical RCE risk, there is no clear evidence of intentional malicious behavior by the skill developer (no data exfiltration or backdoor installation, for example), so the skill is classified as suspicious rather than malicious.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding: The skill intentionally creates persistent memories, including entries that may be loaded into future sessions and affect agent context or behavior.
Risk: Incorrect, stale, or overly broad memories could be reused later, and P0/L0 entries could influence future agent behavior until removed or changed.
Evidence:
| **L0** | Core index, always loaded | Every session | ... | **P0** | Never expires | Core persona, operating rules, key preferences |
Recommendation: Only save durable rules or preferences with clear user intent, avoid putting secrets into memory, and reserve P0/L0 for explicitly approved long-term information.

Finding: The skill documents an optional command that runs a local memory-management script outside the included instruction-only artifact.
Risk: If the local memory manager script is untrusted or modified, using this command could affect local memory files beyond what the SKILL.md itself shows.
Evidence:
`python3 ~/.openclaw/scripts/memory_mgr.py add <agent> "<内容>" P1 L1`
Recommendation: Run the helper command only if you trust the local OpenClaw memory manager script; otherwise save or edit the documented memory files directly.
