ClawHub

Skill Security Guard

v1.0.2

Skill 安全扫描器 - 检测第三方技能的恶意代码、信息泄露等安全风险,保护你的 AI 助手安全!

0· 141·0 current·0 all-time
by@sukimgit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (security scanner) align with what is included: multiple checker modules (code/file/network/sensitive), a CLI entry (scanner.py), and a whitelist file. Required binary is only python and no unrelated credentials or unusual system paths are requested.
Instruction Scope
SKILL.md instructs running python scanner.py against a skill or directory. The scanner legitimately reads files, parses code (AST/regex), and may detect/flag env var usage or URLs. Note: the included network_checker can perform active network operations (port checks, SSL retrievals) and file_checker will stat/read files; these behaviors are expected for this tool but mean it will access local files and may perform network probes of hosts it discovers or is asked to check.
Install Mechanism
No install spec — instruction-only invocation requiring only Python 3.7+. The code uses only standard-library modules per files shown, matching the SKILL.md claim of 'no extra packages'. No remote downloads or archive extraction are present.
Credentials
The skill requests no environment variables or credentials. The code scans for patterns that indicate environment-variable usage in target code but does not itself require or exfiltrate credentials. No disproportionate secrets access is declared.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does run code that may call subprocesses (netsh/iptables/systemctl) when checking firewall status — these calls are limited and expected for a network/security scanner, but may require appropriate OS permissions when executed.
Assessment
This skill appears to be a legitimate local security scanner. Before running it: 1) don’t point it at system root or sensitive directories (e.g., /, your home, or cloud creds directories) while running as an elevated user—it will read files and could report sensitive content; 2) expect active network checks if you allow network scanning or if the scanner is configured to validate discovered URLs (these can contact remote hosts); 3) review scanner output and the rules/whitelist (rules/safe_domains.json) and avoid running it with root unless necessary; 4) verify you trust the skill source/author before giving it access to private repositories or directories. If you want extra assurance, inspect scanner.py for any data exfiltration paths (e.g., code that posts findings to remote servers) — none were evident in the provided files, but the full scanner.py and remaining truncated files should be reviewed if you need maximum assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97epgqwkxnrq6768npeykazvn83nnwj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
Binspython

Comments