Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

claw-security-panel

v1.0.0

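OpenClaw security check panel (compatible with Python 3.7+). Triggered when the user sends "启动安全检查" ("start security check"), it runs checks in four categories: access security, permission security, execution security, and resilience security. It generates a temporary token-protected HTML page with a risk details subpage and a one-click fix feature.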

by H4xssck3r#codeplay_team @haxsscker

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for haxsscker/claw-security-panel.

Install the skill "claw-security-panel" (haxsscker/claw-security-panel) from ClawHub.
Skill page: https://clawhub.ai/haxsscker/claw-security-panel
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install claw-security-panel

ClawHub CLI

npx clawhub@latest install claw-security-panel

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability

The skill claims to run a local security panel and the included Python script implements many described checks (gateway, HTTPS, auth, login sources, file scanning, git/backup checks). However the manifest declares no required binaries/credentials while the runtime calls external system binaries (openclaw, last, sudo, curl) and expects Python 3 — the lack of declared runtime binaries is an inconsistency but not necessarily malicious.

! Instruction Scope

The SKILL.md and start.sh/scripts instruct reading system-level data: /var/log/auth.log (using sudo), output of last, shell/command history, workspace files, and critical OpenClaw config files. They also provide one-click auto-fix actions that can modify config files. All of the above are security-relevant and go beyond simple readonly checks; the instructions will access/modify sensitive local files and potentially require elevated privileges. This scope is coherent with a security scanner but increases risk and requires explicit user consent and environment checks.

! Install Mechanism

There is no declared install spec (instruction-only), but start.sh launches a server from /tmp/security_panel_server.py (nohup python3 /tmp/security_panel_server.py "$TOKEN" "$PORT"). That server file is not present in the manifest — implying the runtime may generate and execute code in /tmp. Dynamically generating and executing code that is not part of the published package is a significant risk and not documented in SKILL.md.

! Credentials

requires.env lists none, but the code accesses sensitive system areas (auth logs, workspace files, OpenClaw config) and invokes sudo in scripts. It also scans for plaintext secrets. The skill will attempt to read credentials and system logs without declaring any required privileges; it may fail unless the user has passwordless sudo or is root. The lack of declared required binaries (curl, sudo, openclaw, git) is inconsistent with actual behavior.

Persistence & Privilege

always:false and the skill is user-invocable (normal). The skill writes /tmp/security_report.json, /tmp/security_panel.pid and launches a background Python server on a local port (18790). Running as a background service and writing temp files is expected for a local panel, but because the server code is generated/executed from /tmp (not included in the package), this elevates the risk profile — the service could run code not visible in the manifest.

What to consider before installing

This skill largely does what it says (local security checks and a temporary web panel), but several red flags deserve attention:

  • Missing runtime declarations: start.sh and the script call external commands (openclaw, last, sudo, curl, git) though the registry metadata lists no required binaries. Expect failures or hidden prompts for sudo. Ensure these tools and privileges are acceptable before running.
  • Reads sensitive data: the script reads /var/log/auth.log, runs last, and scans your workspace for plaintext secrets. That is appropriate for a security scanner, but you should only run it on systems you control and after making backups.
  • Dynamically generated server: start.sh launches /tmp/security_panel_server.py which is not part of the published files. The security_check.py likely writes and then executes a server script — code executed from /tmp is not visible in the manifest and could perform additional actions (network calls, exfiltration). Before running, inspect the runtime-generated /tmp/security_panel_server.py and /tmp/security_report.json to ensure they contain only the expected server and HTML content.
  • Auto-fix behavior: the tool can perform 'one-click' fixes (file permissions, modifying config.json). Review suggested fixes and back up affected files before applying automated fixes.
  • Recommended mitigations: run this skill in an isolated environment (VM/container) first, examine the generated /tmp files before execution, ensure you have recent backups, and run with minimal necessary privileges (avoid running as root). If you want to proceed, ask the publisher for the server code (the file created in /tmp) and full script contents (untruncated) so you can review all runtime behavior. If you cannot inspect the generated server, do not run it on production hosts.

Like a lobster shell, security has layers — review code before you run it.

latest vk974qafjtvmbgprcbnje57727x83h4we
100 downloads
0 stars
1 version
Updated 1mo ago
v1.0.0
MIT-0

OpenClaw Security Panel v2

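Trigger conditions

Triggered when the user sends any of the following messages:

  • "启动安全检查" (start security check)
  • "安全检查" (security check)
  • "检查安全配置" (check security configuration)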

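Check framework (four categories)

A. Access Security 🔐

  • HTTPS encryption: checks whether HTTPS is enabled
  • Gateway binding: checks whether the gateway is exposed to the public network (0.0.0.0 vs 127.0.0.1)
  • Port configuration: checks whether the default port 18789 is in use
  • Authentication: checks whether password/token authentication is configured
  • Login source detection: reviews historical login logs, identifies the risk of logins from IPs in unusual locations, and offers ACL policy configuration suggestions

B. Permission Security 👤

  • Run-as user: checks whether the process runs as root
  • Critical file protection: checks whether preloaded .json and .md files carry a modification-protection declaration (#lock/#protected)
  • File permissions: checks the permission settings of workspace files
  • Plaintext password detection: scans the installation directory for passwords stored in plaintext

C. Execution Security ⚙️

  • Version check: the current OpenClaw version
  • Vulnerability scan: checks for known CVE vulnerabilities
  • Plugin risk: security risks of installed skills
  • High-risk command detection: reviews the command history of the last 3 days and identifies high-risk operations such as adding users, deleting files, changing passwords, and port forwarding

D. Resilience Security 🛡️

  • Login IPs: checks whether logged-in IPs are abnormal (external IP detection)
  • Backup status: checks configuration and workspace backups
  • Version control: checks git repository status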

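Features

1. Main page

  • Overall risk level display
  • Overview of the four check categories
  • Count of passed checks (low-risk items are not counted)
  • Risk count
  • "View risk details" button on the right

2. Risk details subpage (/claw_security_pannel/risks)

  • Risk list; each item includes:
    • Risk level label (HIGH/MEDIUM/LOW)
    • Detailed description
    • Description of the fix
    • Post-fix impact notice (to avoid mistaken fixes)
    • Auto-fixable / manual-fix-required indicator
  • Checkbox (only auto-fixable risks can be selected)
  • One-click fix button

3. Fix functionality

  • Auto-fixable: file permissions, backup creation, etc.
  • Manual fix required: HTTPS configuration, password migration, authentication configuration, etc.
    • Cannot be selected
    • Shows a "🔧 需人工修复" ("manual fix required") indicator
    • Provides a detailed fix guide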

Output format

Main page

http://127.0.0.1:18790/claw_security_pannel?token=<token>

Risk details subpage

http://127.0.0.1:18790/claw_security_pannel/risks?token=<token>

API endpoints

GET /claw_security_pannel/api/report

Returns the full check report as JSON

POST /claw_security_pannel/api/fix

{
  "token": "<token>",
  "riskIds": ["id1", "id2"]
}

Response:

{
  "success": true,
  "fixed": ["风险项 1", "风险项 2"],
  "errors": [],
  "message": "成功修复 2 项"
}

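Requirements

  • Python version: Python 3.7+
  • Dependencies: Python standard library only
  • Compatibility: tested against Python 3.7-3.12

Notes

  • The token is valid for 30 minutes
  • The panel service runs on a separate port (18790)
  • Checks that pass are shown as "passed" and are not counted in the risk statistics
  • Sensitive operations (such as password changes) require manual confirmation
  • The post-fix impact is shown before a fix is applied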
