Json Repair Kit
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: json-repair-kit
Version: 1.0.0

The skill is classified as suspicious due to a critical Remote Code Execution (RCE) vulnerability in `index.js`. The `repairJson` function uses `vm.createContext` to evaluate user-provided JSON content, and the Node.js `vm` module is susceptible to known sandbox escape techniques. A malicious JSON file can be crafted to execute arbitrary Node.js code on the agent's system, despite `SKILL.md` claiming that the `vm` usage ensures 'no access to global scope or process.' This flaw allows an attacker to compromise the agent by providing a specially crafted input file.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted or untrusted .json file could run JavaScript expressions inside the VM, hang the repair process, consume resources, or potentially exploit VM sandbox weaknesses.
The tool turns the target file contents into JavaScript code and executes it in a VM context. This is broader than repairing JSON syntax and lacks a timeout or other execution limits.
```js
const script = new vm.Script('result = (' + content + ')');
...
script.runInContext(context);
```

Use this only on files you trust. Prefer a non-executing JSON5/loose-JSON parser for repair, or add strict input limits, a timeout, and clear warnings against untrusted files.
Users may incorrectly believe it is safe to run this on arbitrary downloaded or repository files.
The safety wording is stronger than the implementation supports. The code still executes raw file contents as JavaScript, and Node VM execution should not be treated as a full security boundary for untrusted code.
> **Eval Sandbox**: Uses `vm.runInNewContext` to parse, ensuring no access to global scope or process. It is safer than `eval()`.
Revise the documentation to say the VM approach is not safe for untrusted input, and clearly recommend trusted files only.
Running recursive repair could rewrite many invalid JSON files and create backup files throughout the selected directory.
The skill documents recursive repair of all .json files under a directory. This is purpose-aligned and user-directed, but it can cause broad local file mutations if used on a large project tree.
```sh
node skills/json-repair-kit/index.js --dir config/ --recursive
```
Run on a small, reviewed directory first, keep backups enabled, and review diffs before committing or relying on repaired files.
It may be harder to verify maintainership, update history, or report issues.
The skill has no declared source repository or homepage. The provided code is small and has no external dependencies, so this is a provenance note rather than a direct unsafe behavior.
Source: unknown; Homepage: none
Review the included code before use and prefer a package with a clear source repository if using it in sensitive environments.
