ClawHub

Skill Auditor (于松涛版)

v1.0.0

安全审计OpenClaw技能,检测文件操作、网络请求、命令执行、权限和数据泄露等安全风险并生成报告。

0· 140·0 current·0 all-time
by@yustnust
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (skill security auditor) match the delivered artifacts: SKILL.md, auditor.py, and audit_config.json implement static file scanning for dangerous patterns. Declared permissions (file_system read) align with the need to read skill files. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md instructs the agent to provide a skill path, run a scan, and generate a report. The code implements exactly that: recursive read of files under the provided path, regex checks, import analysis, and report generation. It does not attempt network calls, environment-variable access, or modifying other skills. Note: the auditor will read all files under the supplied path (including any sensitive files if you point it at system locations).
Install Mechanism
No install spec or external downloads. This is an instruction-plus-source skill; it doesn't fetch or extract remote code and does not install third-party packages. Risk from install mechanism is low.
Credentials
No environment variables, credentials, or unusual config paths are required. The only declared permission is file_system read, which is appropriate for an auditor. The required inputs are proportional to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or cross-skill privileges. It does request read access to the filesystem (skill.json). This is necessary for its function but means you should avoid pointing it at system/root directories or other skills' private data to prevent accidental exposure of sensitive files.
Assessment
This skill appears to be what it says: a local static auditor that reads files under a path you provide and reports matches against configurable regex rules. Before running it: (1) only audit skill project directories you control or trust — do not point it at /, your home directory, or other sensitive locations; (2) expect false positives (allowed_imports is conservative and will flag many imports by default); (3) you can review/adjust audit_config.json (patterns, allowed_imports) to reduce noise; (4) the tool does not perform network calls or exfiltrate data, but it will read any file under the supplied path — treat that as a local read-only operation. If you want extra safety, run it in a sandboxed environment or on a copy of the skill files.

Like a lobster shell, security has layers — review code before you run it.

latestvk979vf8f4dkbjzfsa0q8sx2jgs832r2n
140downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@yustnust
latest
Download

skill-auditor - 技能安全审计工具

描述

对OpenClaw技能进行安全审计,检查潜在的安全风险和恶意代码。

安全检查项

1. 文件操作检查

  • 检查是否包含危险的文件操作(如删除系统文件、修改系统配置)
  • 检查文件路径处理是否存在路径遍历问题
  • 检查是否过度依赖外部文件路径

2. 网络操作检查

  • 检查网络请求是否指向可疑域名
  • 检查是否包含未经用户确认的外部数据传输
  • 检查是否使用安全的HTTPS协议

3. 命令执行检查

  • 检查是否包含exec、process等命令执行工具的使用
  • 检查命令参数是否存在注入风险
  • 检查是否执行危险系统命令

4. 权限检查

  • 检查是否请求过高权限
  • 检查是否访问敏感数据区域

5. 数据泄露检查

  • 检查是否包含发送个人信息的代码
  • 检查是否访问敏感凭证信息

使用方法

  1. 提供要审计的技能路径
  2. 执行安全扫描
  3. 生成安全报告
  4. 根据风险等级决定是否安装

安全等级定义

  • 安全:无风险
  • 低风险:轻微风险,可控
  • 中风险:需谨慎,用户确认
  • 高风险:存在明显安全隐患,不推荐使用

Comments

Loading comments...