← Back to Skills Marketplace
SSL证书查询
by
sunny-lobster-api
· GitHub ↗
· v1.2.5
· MIT-0
94
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ssl-monitor
Description
查询域名 SSL 证书过期时间。用法:说「查 xxx.cn 证书」或「SSL 证书 xxx.com」即可。
Usage Guidance
This skill appears to do exactly what it claims: it uses openssl to connect to the domains you ask about and reports certificate expiry. Before installing, note that: (1) it will open outbound TCP connections to whatever domains you query (port 443) — avoid querying sensitive internal hosts if you don't want probes recorded in logs; (2) it creates/uses a domain list at ~/.openclaw/workspace/ssl-domains.txt (inspect or change that path if desired); (3) review the included check-ssl.sh yourself (it is small and readable) if you have strict security controls; and (4) ensure openssl is available on your system. There are no requested credentials or hidden network endpoints.
Capability Analysis
Type: OpenClaw Skill
Name: ssl-monitor
Version: 1.2.5
The skill provides legitimate SSL certificate monitoring functionality using openssl but contains a shell injection vulnerability. Both the core command in SKILL.md and the check-ssl.sh script use the domain variable directly in shell execution without input sanitization, which could be exploited to run arbitrary commands. No evidence of intentional malice, data exfiltration, or persistence was found.
Capability Assessment
Purpose & Capability
Name/description say 'check domain SSL certificate expiry' and the skill only requires openssl and performs TLS connections to the queried domains to read certificate end dates. The requirement (openssl) is appropriate and proportional.
Instruction Scope
SKILL.md and the included check-ssl.sh only read a domain list (default ~/.openclaw/workspace/ssl-domains.txt) or a provided domain, call openssl against the target host:443, parse dates, and output results. There are no instructions to read unrelated system files, secrets, or to send data to third-party endpoints beyond connecting to the target domains.
Install Mechanism
There is no install spec; this is instruction- and script-only. No downloads from external URLs or archive extraction are performed.
Credentials
The skill declares no required environment variables or credentials. The script writes/reads a domain file under the user's home workspace (~/.openclaw/workspace), which is reasonable for a domain-monitoring tool and does not require sensitive credentials.
Persistence & Privilege
The skill is user-invocable and not always-on. It does not request persistent elevated privileges or modify other skills' configuration. Its default behavior (creating a template domain file under the user's workspace) is limited in scope.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ssl-monitor - After installation, invoke the skill by name or use
/ssl-monitor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.5
- 中文用法说明补充,支持直接一句话查询域名 SSL 证书状态。
- 提供核心命令行逻辑,展示如何检测 SSL 证书过期时间及剩余天数。
- 增加详细响应示例,包含状态判定(正常/注意/紧急)。
- 明确依赖 openssl 工具。
Metadata
Frequently Asked Questions
What is SSL证书查询?
查询域名 SSL 证书过期时间。用法:说「查 xxx.cn 证书」或「SSL 证书 xxx.com」即可。 It is an AI Agent Skill for Claude Code / OpenClaw, with 94 downloads so far.
How do I install SSL证书查询?
Run "/install ssl-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SSL证书查询 free?
Yes, SSL证书查询 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SSL证书查询 support?
SSL证书查询 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SSL证书查询?
It is built and maintained by sunny-lobster-api (@sunny-lobster-api); the current version is v1.2.5.
More Skills