Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Electron客户端安全审查助手
v2.0.0对指定 Electron 应用执行全面安全审计,检测 asar 解包、DevTools 绕过、JS Bridge 利用、协议处理器漏洞、DLL 劫持及本地数据泄露,提供漏洞PoC。
⭐ 1· 104·0 current·0 all-time
by@x1ngsec
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (Electron security audit) align with the instruction content (asar extraction, DevTools bypass, fuse flipping, DLL hijack, local data exfiltration). However the SKILL metadata declares no required binaries/env but the SKILL.md repeatedly calls out external tools and commands (npx @electron/asar, npx @electron/fuses, 7z, sqlite3, procmon, nmap, python, curl, msfvenom, etc.). The lack of declared dependencies is an incoherence (the skill implicitly requires a broad toolchain).
Instruction Scope
The runtime instructions instruct the agent to read and modify local binaries (flip Fuses, unpack/repack ASAR, patch main.js, modify EXE), run debugger/inspectors, search local app data, and provide PoC that execute arbitrary commands and send data externally. While these actions are consistent with a deep security audit, the SKILL.md also mandates proactively overcoming protections ('flip Fuse', '备份原始文件后大胆修改', '主动解决遇到的所有障碍', '不要等用户指示') and includes example PoCs that exfiltrate to external URLs and run remote downloads — granting broad destructive/disclosure authority. There is no explicit requirement for obtaining host owner authorization or limiting actions to isolated/test environments.
Install Mechanism
There is no install spec (instruction-only), which minimizes code written to disk by the skill itself. However the instructions expect many third‑party tools (npx, 7z, sqlite3, Python modules, procmon, etc.). Because those tools are not declared, the runtime agent or user may be surprised to need them; they also increase operational risk when run automatically.
Credentials
The skill declares no required credentials or config paths, which is good. But the instructions direct reading of many local files/paths (application exe, %APPDATA%, cookies, leveldb, Local State) and propose actions that can expose environment secrets (process.env, cookies, keys). That access is coherent for an audit, but because no explicit safeguards or consent checks are present, the breadth of data access is notable and should be treated as high‑sensitivity.
Persistence & Privilege
The skill is not force-enabled (always:false) and does not request to persist or modify agent configurations. However its operational rules push for autonomous, intrusive remediation (automatic fuse flips, binary patches) — this grants the agent broad on-host authority during a run and so requires human oversight/explicit authorization before execution.
What to consider before installing
This skill is a powerful, hands‑on Electron pentest playbook (unpacking EXEs, flipping embedded fuses, patching apps, crafting PoCs that execute commands and exfiltrate data). That capability can be legitimate for authorized security testing but is dangerous if run against production or without explicit written consent. Before installing or enabling: 1) Ensure you have explicit authorization from the system/app owner (legal consent). 2) Run the skill only in isolated/test VMs or disposable hosts (snapshot/backup before any modification). 3) Confirm required tooling is installed (node/npm, npx, asar/fuses, 7z, sqlite3, python, procmon, nmap, etc.) — the skill does not declare these. 4) Require a human-in-the-loop for any destructive actions (fuse flips, binary patches, file writes) and review all PoC commands before execution (they include network downloads and remote code execution examples). 5) If you cannot provide isolation or supervision, do not run the parts that modify binaries or that send data externally. 6) Consider asking the skill author for: a minimal manifest of required tools, an explicit safety/consent checklist, and options to disable any network-exfil/traces in PoCs.Like a lobster shell, security has layers — review code before you run it.
latestvk977maaj1mmw9cxa4d6bb4c62h8445fk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.