← Back to Skills Marketplace
cyzlmh

CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64)

by random_player · GitHub ↗ · v0.9.0 · MIT-0
cross-platform ✓ Security Clean
42
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install cmic-skill-scanner-bclinux21-amd64
Description
使用内置 Rust 引擎审计待安装的 skill 包或归档,并可选桥接外部 scanner。
README (SKILL.md)

Skill Scan Wrapper

当你要在安装一个本地 skill、归档或 release bundle 前做一次快速安全检查时,使用这个 skill。

⚠️ Security Notice

This tool operates locally and requires user trust in the binary you run. Always verify the checksum after downloading. For maximum security, build from source (recommended).

Binary Included

Property Value
Location assets/bin/skillscan
Version v0.9.0
Platform bclinux21-amd64
SHA-256 b701a5cccbfb1d350b63f35656f6feb9862fac9e12940607ace95470a9bed27a

Verify locally before running:

sha256sum assets/bin/skillscan
# Compare output with the SHA-256 value above

This bundled package includes a pre-compiled binary. You can still build from source if you prefer:

git clone https://gitee.com/random_player/cmic-skill-scanner.git
cd cmic-skill-scanner && cargo build --release

前置条件

  • 默认不需要任何外部依赖
  • --upload-url--engine external 功能默认禁用,仅在用户显式配置时启用

信任模型

This is an open-source (MIT-0) package. The binary (bundled or downloaded) is a convenience only — it does not grant any additional trust.

Your options:

Approach Trust Requirement Verification
Build from source None (you control everything) Manual code review
Bundled/downloaded binary You trust the release host SHA-256 checksum

What the tool does NOT do by default:

  • Does NOT upload data anywhere
  • Does NOT connect to the network
  • Does NOT access credentials, SSH configs, or environment variables
  • Does NOT execute external tools unless you explicitly configure --engine external

工作流程

  1. 调用 skillscan:
skillscan review /path/to/target --format markdown
skillscan review /path/to/skills --output-dir /tmp/skillscan-out
  1. 阅读输出中的:输入类型、完整度、engine 执行状态、findings

网络上传功能 (默认禁用)

⚠️ This feature is completely optional and disabled by default. It requires explicit user configuration via --upload-url.

What gets sent (only when you configure --upload-url):

  • A structured JSON report containing detection findings
  • An instance identifier you supply via --instance-id
  • No skill source code, credentials, or system configuration is ever transmitted

外部引擎集成 (默认禁用)

⚠️ This feature is completely optional and disabled by default. It requires explicit user configuration via --engine external.

Delegates pattern-matching to a user-configured local tool. This runs locally — no remote calls are made.

Permissions Required

Scope Reason
Read files in target path To analyze skill source code for patterns
Write to --output-dir To save scan reports locally
Execute binary To run the scanner engine
Network (optional) Only if --upload-url is explicitly configured
Usage Guidance
Install only if you trust the release source or build the scanner from source. Verify the documented SHA-256 before running any downloaded binary, scan only intended skill directories, and enable upload or external-scanner modes only when you deliberately want those extra behaviors.
Capability Assessment
Purpose & Capability
The stated purpose is to scan local skill packages before installation, and the documented capabilities fit that purpose: read selected targets, write local reports, execute the scanner engine, and optionally bridge to external scanning.
Instruction Scope
Instructions are mostly user-directed, with upload and external-engine modes described as optional, but INSTALL.md also says auto mode may prefer an external backend if available; users should understand that behavior before relying on defaults.
Install Mechanism
Installation involves downloading a platform ZIP, verifying its SHA-256, extracting it, and running a local binary. This is disclosed and purpose-aligned, but it still requires trusting the release source or building from source.
Credentials
Requested access is proportionate for a local scanner: target-path file reads, local report writes, binary execution, and network only for downloading or explicitly configured upload.
Persistence & Privilege
The inspected artifacts show no startup persistence, background service, privilege escalation, credential access, or destructive behavior.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cmic-skill-scanner-bclinux21-amd64
  3. After installation, invoke the skill by name or use /cmic-skill-scanner-bclinux21-amd64
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.9.0
Skillscan-wrapper v0.9.0 introduces a Rust-powered local scanner with binary packaging and opt-in extensions. - Includes a pre-compiled Rust binary for bclinux21-amd64; SHA-256 checksum provided for local verification. - Scans skill packages or archives locally before installation; no network or uploads by default. - Optional external scanner integration and upload features are fully disabled unless explicitly configured by the user. - Source code build instructions included for users preferring maximum trust. - Does not access credentials, environment variables, or execute other tools unless configured.
Metadata
Slug cmic-skill-scanner-bclinux21-amd64
Version 0.9.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64)?

使用内置 Rust 引擎审计待安装的 skill 包或归档,并可选桥接外部 scanner。 It is an AI Agent Skill for Claude Code / OpenClaw, with 42 downloads so far.

How do I install CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64)?

Run "/install cmic-skill-scanner-bclinux21-amd64" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64) free?

Yes, CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64) is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64) support?

CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created CMIC Skill Scanner (BCLinux 21 / 低版本 glibc Linux x64)?

It is built and maintained by random_player (@cyzlmh); the current version is v0.9.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments