Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Security Testing Agent
v1.0.0安全测试Agent。漏洞扫描、渗透测试、代码审计、安全加固。触发词:安全、渗透、漏洞、xss、sql注入、csrf、扫描、审计。
⭐ 0· 3·0 current·0 all-time
by@sky-lv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (security testing, scanning, pentest, code audit) align with the SKILL.md content: SAST/DAST/SCA/static secret scanning/container scanning and example scanner code. The required environment, binaries, and config paths are minimal and consistent with an instruction-only pentesting helper. The SKILL.md references common tools (SonarQube, Semgrep, ZAP, Burp, Snyk, Trivy) which are expected for this domain.
Instruction Scope
The provided instructions include runnable scanner code that issues HTTP requests with offensive payloads (SQL injection strings, XSS payloads, time-based tests, etc.). This is consistent with a pentest tool but means the skill performs active probing and can be destructive (e.g., payloads like "'; DROP TABLE users--"). The SKILL.md also mentions static-secret scanning and other tools which imply reading project files or repositories; the skill does not declare explicit limits or require an authorization token, so you must ensure explicit permission before use. The SKILL.md lists many external tools but provides no install steps — the agent may assume those tools are available or try to run equivalent Python code, which could fail or behave unexpectedly.
Install Mechanism
No install spec and no code files beyond SKILL.md means nothing will be downloaded or written by an installer. That lowers supply-chain risk. However, because the document references many third-party tools without providing installers, users should be aware they need to install and trust those tools themselves.
Credentials
The skill declares no required environment variables or credentials. The example scanner accepts an optional api_key parameter but the skill does not demand or request access to unrelated secrets. There is no evidence the skill tries to read unrelated environment variables or system config.
Persistence & Privilege
always is false and there are no install hooks or persistent components. The skill does not request to modify other skills or global agent settings; it is instruction-only and only runs when invoked.
Assessment
This skill appears coherent for its stated purpose, but it performs active scans and includes potentially destructive payloads. Before installing or using it: 1) Only run scans against systems you explicitly have permission to test; unauthorized scanning may be illegal. 2) Review the full SKILL.md and any referenced repository (skill.json points to a GitHub URL) to confirm the author and intent—the registry metadata shows an unknown source. 3) Run the skill in an isolated/test environment (or sandbox) first to avoid accidental damage to production systems. 4) The SKILL.md references many external tools but won't install them for you—install and vet those tools yourself. 5) Do not provide credentials or tokens to the skill unless you understand and trust where they will be used; prefer ephemeral/test credentials. If you want higher assurance, request the complete SKILL.md and verify there are no instructions that read or exfiltrate local files or environment variables before running.Like a lobster shell, security has layers — review code before you run it.
latestvk977vszvp3dqeryzz6rgsf87nx84gk64
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔒 Clawdis