Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Byted Security SkillsScanner

v1.0.1

Audits and scans skills for security. Use when the user wants to run a security scan on other skills in the workspace.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for volcengine-skills/byted-security-skillsscanner.

Install the skill "Byted Security SkillsScanner" (volcengine-skills/byted-security-skillsscanner) from ClawHub.
Skill page: https://clawhub.ai/volcengine-skills/byted-security-skillsscanner
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install byted-security-skillsscanner

ClawHub CLI

npx clawhub@latest install byted-security-skillsscanner

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

[!] Purpose & Capability
The skill's declared purpose—scanning other skills by packaging and uploading them to a Volcengine scanning service—matches the included script and dependencies. However registry metadata declares no required environment variables or primary credential while the runtime instructions and code clearly require cloud credentials (AK/SK) and an upload endpoint. The mismatch between the registry metadata and runtime requirements is incoherent and should be resolved before trusting the skill.
[!] Instruction Scope
SKILL.md and README instruct the agent to zip a user-specified skill directory and upload it to an external scanning API, which will transmit the entire archive (potentially containing secrets) off-host. That behavior is expected for a remote scanner, but the instructions do not emphasize the privacy/exposure implications. There are also inconsistencies in required environment variable names (see below). Overall the instructions stay within the stated scanning purpose but permit broad disclosure of the scanned skill's contents.
Install Mechanism
There is no external download/install step in the registry spec; the package is instruction+script-only with a requirements.txt listing requests and volcengine SDK. No remote arbitrary code download or extraction from unknown URLs is present in the manifest. Running the script will require Python and the listed dependencies, but the install mechanism itself is low risk.
[!] Credentials
The runtime requires cloud credentials (AK/SK) to sign and upload scan payloads to Volcengine. That is proportionate to the stated purpose, but the skill shows inconsistent env var names across SKILL.md, README, and examples (e.g., VOLCENGINE_ACCESS_KEY / VOLC_ACCESSKEY / VOLC_ACCESSKEY / VOLC_ENGINE names). The registry metadata incorrectly claims no required env vars. The README also suggests storing keys in a global openclaw.json config, which increases exposure if the format/keys are unclear. These inconsistencies create a real risk of misconfiguration and accidental credential leakage.
Persistence & Privilege
The skill does not request 'always: true' and does not appear to modify other skills or system-wide agent settings. It only contains an executable script the user runs; there are no indicators of privileged persistent behavior in the manifest.
What to consider before installing
Before installing or running this skill:

  1. Treat it as a remote-upload scanner — it will package and send the entire target skill directory to a remote service, so do NOT scan directories that contain secrets, API keys, or sensitive data.
  2. Do not trust the registry metadata alone: the skill requires Volcengine AK/SK but the package metadata says none; verify which environment variable names the installed script actually reads before providing credentials.
  3. Prefer using a throwaway/non-sensitive skill directory when testing; verify the upload endpoint (defaults point at open.volcengineapi.com but code also contains DEFAULT_BASE_URL pointing to localhost) and confirm you trust that endpoint.
  4. Avoid storing real AK/SK in a global config until you confirm env var names and storage format — prefer ephemeral credentials or a least-privilege account scoped to scanning only.
  5. If you need higher assurance, inspect the full script (scripts/scan.py) to confirm where it posts data and how it signs requests, or run it in an isolated environment (air-gapped or with network blocked) to observe behavior without exfiltration.

Like a lobster shell, security has layers — review code before you run it.

latest vk97bgjkck5test61dp0xxw5yws83hr27
137 downloads
0 stars
2 versions
Updated 1mo ago
v1.0.1
MIT-0

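Volcengine Skill Security Scanner (Volcengine Skills Scanner)

Audits other skills in the workspace for potential security risks by packaging the skill directory and uploading it to the Volcengine security scanning service.

When to use

  • Audit: periodically scan all skills to ensure they comply with security policy.
  • Development: check your own skills during development.
  • Requirement: the target skill must contain a SKILL.md file, because it is the primary input for the scan.

Usage

Use the scripts/scan.py script to run the scan. Absolute paths must be used; do not use ~, because the working directory is not the skill directory.

The script automatically packages the directory (if a directory is provided) and uploads it, and always outputs a JSON array containing the scan results. Parse this JSON and present the results to the user in a readable format (in Chinese): risk level, details, recommendations.

Scan a skill (directory or archive)

The script reads its configuration from environment variables (recommended)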

python3 ~/.openclaw/workspace/skills/byted-security-skillsscanner/scripts/scan.py --name "bad_skills1" --path "/root/.openclaw/workspace/skills/bad_skills1"

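Important

  • The script path must be an absolute path
  • The target path must also be an absolute path
  • Make sure the required environment variables are set (VOLCENGINE_ACCESS_KEY, VOLCENGINE_SECRET_KEY, VOLCENGINE_REGION)

Report format

When presenting results to the user, the following format must be used (in Chinese):

🛡️ Security Scan Report: [SkillName]

Scan time: [convert the ScanEndTime timestamp to a readable date format]
Overall status: [✅ Passed / ❌ Risks found]

| Risk level | Rule name | Risk details |
| [High/Medium/Low] | [RuleName] | [RiskDetail] |

List of risks found: (list only High and Medium level risks)

  1. [RuleName] (ID: [RuleID])
    • Level: [RiskLevel]
    • File: [FileName]
    • Details: [RiskDetail]
    • Recommendation: review the code in the file above and remove suspicious network requests or sensitive operations.

Environment variable configuration

  1. Obtain Volcengine access credentials: see the user guide to get an AK/SK

  2. Configure the following environment variables: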

export VOLC_ACCESS_KEY="your-access-key"
export VOLC_SECRET_KEY="your-secret-key"
export VOLC_REGION="cn-north-1"  # optional, defaults to cn-north-1
