Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Security Audit Hand

v1.0.0

Autonomous security audit - periodically checks system security, discovers risks, and generates reports

0· 364·1 current·1 all-time
by xiaomo@bandwe
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (periodic security audit) align with the actions in SKILL.md: system info collection, config/log inspection, permission checks and report generation. The file paths and commands referenced are relevant to auditing OpenClaw and host system state.
Instruction Scope
Instructions tell the agent to run shell commands (uname, netstat, curl), query OpenClaw CLI, read ~/.openclaw files (openclaw.json, .api-keys.md), and grep logs in /tmp/openclaw/*.log. Those are reasonable for an audit but access secrets and logs — the SKILL.md grants broad read access to user config and logs which is sensitive. 'memory_recall' usage is runtime-specific and may expose agent memory.
Install Mechanism
No install spec and no code files (prompt-only). This minimizes risk from downloading/executing third-party code; nothing is written to disk by an installer.
Credentials
The skill declares no required env vars or credentials, which is appropriate, but its instructions explicitly read files that likely contain API keys and tokens (e.g., ~/.openclaw/.api-keys.md and openclaw.json). Accessing those secrets is expected for an auditor but is sensitive — the skill does not request explicit consent or mention exfiltration controls.
Persistence & Privilege
always:false and no install steps mean it does not force permanent presence or modify other skills. It relies on agent invocation (normal). It does reference saving history and notification settings in templates, but no mechanism for persisting or self-enabling is provided in the package.
Assessment
This SKILL.md appears coherent for a local security auditor, but it will read configuration files and logs (which may contain API keys or other secrets) and run system/network commands. Before using it: (1) review the SKILL.md line-by-line so you understand what files and commands will be accessed; (2) run the audit in a controlled environment (non-root account or test host) if you are concerned about exposure; (3) back up and/or rotate any secrets that will be inspected if you aren't comfortable exposing them; (4) ensure results are stored locally and not automatically posted to external channels (the config mentions notify_channel like 'feishu' — configure or disable it); (5) be aware memory_recall may surface agent memory contents — remove or restrict that step if needed. Because the skill is instruction-only and makes no installs, the main risk is sensitive-data exposure through the audit steps rather than hidden code. If you want higher assurance, ask the author for an explicit privacy/exfiltration statement or run the procedure manually following the provided commands.

Like a lobster shell, security has layers — review code before you run it.


