← Back to Skills Marketplace
虾安全
by
luis1213899
· GitHub ↗
· v1.0.0
· MIT-0
81
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install xia-anquan
Description
虾安全 — 基于腾讯/字节研究报告的 OpenClaw Agent 安全监控 skill。监控 CIK(Capability/Identity/Knowledge)三个维度,检测持久状态污染攻击、凭证外传、可疑脚本。
Usage Guidance
该 skill 看起来是内部一致的本地安全监控工具:它会读取并分析 ~/.openclaw/workspace 下的身份文件、记忆文件和 skill 脚本,并在 ~/.cik-audit/ 下写入快照与日志。建议在安装/启用前:1) 用文本编辑器快速审阅 scripts/audit.cjs 和 scripts/monitor.cjs(已包含在包内);2) 在隔离环境或容器中先运行一次: node scripts/audit.cjs --json,查看输出与生成的快照(~/.cik-audit/snapshots/),确认没有泄露原始文件内容;3) 考虑监控数据的敏感性——快照和日志会包含文件名与检测细节,可能泄露信息;4) 如果希望长期运行,限制其运行帐户的权限并定期删除历史快照/日志。总体上内部一致,但在将其作为长期守护进程运行前应手动验证生成的日志/快照内容以避免意外泄露敏感数据。
Capability Analysis
Type: OpenClaw Skill
Name: xia-anquan
Version: 1.0.0
The 'xia-anquan' bundle is a security monitoring tool designed to protect OpenClaw agents by scanning for 'Capability/Identity/Knowledge' (CIK) attacks. The scripts (audit.cjs and monitor.cjs) implement defensive logic to detect missing identity files, suspicious behavioral patterns in MEMORY.md, and high-risk code in skill scripts (e.g., credential exfiltration to suspicious TLDs, eval() on user input, or root-level deletions). All findings are logged locally to ~/.cik-audit, and there is no evidence of data exfiltration, remote code execution, or malicious prompt injection.
Capability Tags
Capability Assessment
Purpose & Capability
名称与描述(CIK 维度监控、检测持久状态污染、凭证外传、可疑脚本)与包含的 Node.js 脚本行为一致:脚本扫描 ~/.openclaw/workspace 下的 Identity/Memory/skills,寻找可疑 URL、动态 eval、rm -rf / 类模式并记录结果。所需资源(Node.js 运行时、读取 workspace)与目的相符。
Instruction Scope
SKILL.md 与脚本明确要求读取用户 HOME 下的 .openclaw/workspace(检查 SOUL.md/USER.md/MEMORY.md/skills/** 等)并写入 ~/.cik-audit 下的快照、日志和状态文件;这与其监控目的相关且限定在用户主目录下,但会访问并分析用户的脚本与状态文件(可能包含敏感信息),脚本未显示把这些数据发送到远端。
Install Mechanism
无安装流程(instruction-only + 内含脚本文件)。代码随 skill 一并提供,没有从不受信任的 URL 下载或解压外部二进制,风险较低;唯一依赖是 Node.js 18+,这是明确声明的。
Credentials
不要求任何额外环境变量或外部凭证;运行时使用 HOME 和 workspace 路径以访问要监控的文件,这与目标一致。没有请求不相关的密钥或第三方凭证。
Persistence & Privilege
默认不强制常驻(always:false)。脚本包含守护进程模式(--daemon),可长期运行并定期调用本地 audit 脚本;这会在用户主目录下保留日志/快照(持久存储),并可通过 child_process 启动本地 Node 进程;在组合其它高权限设置时应谨慎,但单独看无越权行为。
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install xia-anquan - After installation, invoke the skill by name or use
/xia-anquan - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
首次发布: 基于CIK框架的安全监控skill,检测持久状态污染攻击
Metadata
Frequently Asked Questions
What is 虾安全?
虾安全 — 基于腾讯/字节研究报告的 OpenClaw Agent 安全监控 skill。监控 CIK(Capability/Identity/Knowledge)三个维度,检测持久状态污染攻击、凭证外传、可疑脚本。 It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.
How do I install 虾安全?
Run "/install xia-anquan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 虾安全 free?
Yes, 虾安全 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 虾安全 support?
虾安全 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 虾安全?
It is built and maintained by luis1213899 (@luis1213899); the current version is v1.0.0.
More Skills