
AOI OpenClaw Security Toolkit (Core)

Author: edmonddantesj · GitHub · v0.1.6
cross-platform ⚠ suspicious
Total downloads: 775 · Favorites: 2 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install aoi-openclaw-security-toolkit-core
Description
Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code.
Usage (SKILL.md)

AOI OpenClaw Security Toolkit (Core)

  • Why: Prevent “one bad commit” incidents (accidental file leakage + secret exposure) with a fast, local-only, fail-closed check.
  • When: Before committing/pushing, before publishing a skill, and when reviewing scripts/skills for unexpected egress behavior.
  • How: Run a single command to get PASS/WARN/BLOCK and an optional redaction-safe report.
  • Scope: Detection + reporting only (no auto-fix, no uploads, no auto-posting).

Quickstart:

openclaw-sec check --preset repo --diff staged

This is a public-safe toolkit skill.

  • Does: detect + report risks (PASS/WARN/BLOCK)
  • Does NOT: auto-fix, auto-upload, auto-post, or exfiltrate data

CLI

Binary: openclaw-sec

Common:

openclaw-sec check --lang en
openclaw-sec check --lang ko
openclaw-sec scan-secrets
openclaw-sec scan-egress
openclaw-sec scan-prompt --file inbound.txt

Exit codes:

  • 0 PASS
  • 1 WARN
  • 2 BLOCK

Default scan scope

If --paths is omitted, it scans existing paths among:

  • .
  • skills/
  • scripts/
  • context/

Rules

Rule files live in rules/:

  • secret_patterns.txt
  • egress_patterns.txt
  • prompt_injection_patterns.txt

Edit these to tune sensitivity.

Security usage recommendations
This appears to be a coherent local-only scanner. Before installing, ensure you: (1) are comfortable that the tool will read files in your repository/workspace (including any files under '.'), (2) have git on PATH if you plan to use diff presets, and (3) review the bundled rules/regex files if you want to tune sensitivity. If you need stronger assurance, inspect the remainder of skill.js (integrity checks are provided) or run it in a sandboxed environment first.
Functional analysis
Type: OpenClaw Skill
Name: aoi-openclaw-security-toolkit-core
Version: 0.1.6

The OpenClaw security toolkit is designed for local-only security checks, adhering to its stated policy of no data exfiltration or auto-remediation. It uses `spawnSync` only for fixed `git` commands, limiting shell injection risks. However, the `skill.js` file contains a vulnerability where regular expressions are compiled from user-controlled input (via `--exclude` arguments and `.aoi-allowlist` file content) in the `isExcluded` and `compileAllowlistMatchers` functions. This could lead to a Regular Expression Denial of Service (ReDoS) if a malicious or poorly crafted regex is provided, causing resource exhaustion for the skill. This is a vulnerability, not intentional malice, and it is the reason the skill is classified as suspicious.
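
One way to remove the ReDoS exposure described above is to stop compiling `--exclude` and `.aoi-allowlist` entries as regular expressions and match them as globs in bounded time instead. This is an added example, not code from skill.js or the project; the function names, the one-glob-per-line allowlist format, and the 256-character cap are assumptions.

```javascript
// Added example: hypothetical names, not functions from skill.js.
const MAX_PATTERN_LEN = 256; // assumed cap on a single allowlist entry

// Match `text` against a glob where `*` is any run of characters and `?` is
// exactly one. Every other character, regex metacharacters included, is
// literal. Worst case is O(pattern.length * text.length); no regex engine runs.
function globMatch(pattern, text) {
  let p = 0, t = 0, starP = -1, starT = 0;
  while (t < text.length) {
    if (p < pattern.length && pattern[p] === '*') {
      starP = p++;      // remember the star; first try letting it match nothing
      starT = t;
    } else if (p < pattern.length &&
               (pattern[p] === '?' || pattern[p] === text[t])) {
      p++; t++;
    } else if (starP !== -1) {
      p = starP + 1;    // mismatch: the last star absorbs one more character
      t = ++starT;
    } else {
      return false;
    }
  }
  while (p < pattern.length && pattern[p] === '*') p++;
  return p === pattern.length;
}

// Parse allowlist text (assumed format: one glob per line, `#` starts a
// comment). Oversized entries are returned in `rejected` rather than silently
// dropped, so the caller can fail closed on them.
function parseAllowlist(content) {
  const patterns = [], rejected = [];
  for (const raw of content.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    (line.length <= MAX_PATTERN_LEN ? patterns : rejected).push(line);
  }
  return { patterns, rejected };
}

function isAllowlisted(path, patterns) {
  return patterns.some((glob) => globMatch(glob, path));
}

// Constructed sample input; the fourth entry is shaped like a
// backtracking-heavy regex and is treated here as plain literal text.
const SAMPLE_ALLOWLIST = ['# build output', 'dist/*.map', 'docs/?.md',
  '(a+)+$', 'x'.repeat(300)].join('\n');
```

Switching from regex to glob semantics changes what existing allowlist entries mean, so entries written as regular expressions would need to be rewritten.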
Capability assessment
Purpose & Capability
The name/description (local-only security scanner) match the code and bundled rule files. The only minor mismatch: the skill spawns the 'git' command to compute diffs, but the registry metadata lists no required binaries; git is reasonable for a repo preset but the metadata could explicitly declare it.
Instruction Scope
SKILL.md describes scanning repo/workspace paths, using included rules, and producing redaction-safe reports. The implementation reads local files, scans text and URLs, and may write an output report; it does not attempt to read unrelated system secrets, nor does it send data to external endpoints.
Install Mechanism
There is no install spec (instruction/CLI provided via bundled skill.js). package.json maps a local CLI binary but no external downloads or registry installs are required. No third-party packages are pulled in.
Credentials
The skill requests no environment variables or credentials. The code does not access secret environment variables or external service tokens; it only reads files in the working tree and may invoke git.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It may write an output file when --out is used, which is expected behavior for a CLI report generator.
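How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install aoi-openclaw-security-toolkit-core
  3. Once installation completes, invoke the Skill by name or trigger it with /aoi-openclaw-security-toolkit-core
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history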
v0.1.6
Release-check + integrity manifest (sha256) and staged-diff allowlist enforcement (fail-closed)
Metadata
Slug aoi-openclaw-security-toolkit-core
Version 0.1.6
License
Total installs 0
Current installs 0
Historical versions 1
FAQ

What is AOI OpenClaw Security Toolkit (Core)?

Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 775 total downloads to date.

How do I install AOI OpenClaw Security Toolkit (Core)?

Run the command "/install aoi-openclaw-security-toolkit-core" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is AOI OpenClaw Security Toolkit (Core) free?

Yes, AOI OpenClaw Security Toolkit (Core) is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does AOI OpenClaw Security Toolkit (Core) support?

AOI OpenClaw Security Toolkit (Core) runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed AOI OpenClaw Security Toolkit (Core)?

It is developed and maintained by edmonddantesj (@edmonddantesj); the current version is v0.1.6.
