← 返回 Skills 市场
Auto Skill Scanner
作者
ohmanymoneygomyhome-creator
· GitHub ↗
· v1.0.4
· MIT-0
116
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install auto-skill-scanner
功能描述
Auto Skill Scanner - 自动化AI技能安全监控工具。每日自动扫描已安装的OpenClaw技能,发现硬编码凭证、Shell注入、网络泄露等安全隐患,报告推送至Telegram/飞书等渠道。触发词:scan skills、扫描技能、安全扫描。
使用说明 (SKILL.md)
🛡️ Auto Skill Scanner
自动化AI技能安全监控工具
🔍 功能特点
- 🔍 全面扫描 - 检查所有已安装的技能(npm包+扩展+workspace)
- 🛡️ 四大威胁检测
- 🔴 硬编码凭证(密码、API密钥)
- 🔴 环境变量泄露
- 🔴 Shell注入风险
- 🔴 网络请求外泄
- ⏰ 定时扫描 - 每24小时自动执行
- 📱 多渠道推送 - 自动发送到所有已配置的Channel
- 🎯 精准定位 - 告诉你是哪一行代码有问题
⚠️ 重要:首次使用
安装后需要手动触发一次来激活定时扫描!
激活步骤
- 安装 skill:
clawhub install auto-skill-scanner
- 在任意对话框发送:
扫描技能
或
scan skills
-
首次触发后会自动:
- 执行首次安全扫描
- 创建每24小时的定时扫描任务
- 报告发送到你的消息渠道
-
之后每天会自动扫描,无需任何操作
📋 安全等级
| 等级 | 含义 | 建议 |
|---|---|---|
| 🔴 CRITICAL | 严重漏洞 | 立即卸载 |
| 🟠 HIGH | 高危风险 | 需人工确认 |
| 🟡 MEDIUM | 中危隐患 | 可选处理 |
| ⚪ INFO | 最佳实践 | 可忽略 |
🎯 使用场景
场景1:日常监控(无需操作)
每天自动扫描,有问题会主动推送报告
场景2:新skill安装后
下次扫描自动覆盖,结果推送到你的渠道
场景3:主动检查
随时发送"扫描技能"立即检查
📊 报告示例
🛡️ Skill Audit Report
AI技能安全扫描 — 守护你的Agent
━━━━━━━━━━━━━━━━━━━━
📊 扫描概况
已扫描:53 个技能
✅ 安全:52 个
⚠️ 有隐患:1 个
📋 隐患详情
🔸 some-skill
🔴 严重 1 个
→ Hardcoded credentials
💡 处理建议
🔴 立即卸载 /remove some-skill
━━━━━━━━━━━━━━━━━━━━
🛠 技术细节
- 扫描引擎: Python正则表达式静态分析
- 扫描范围: npm包技能、扩展技能、工作区技能
- 定时任务: 通过OpenClaw cron实现
- 多渠道: 自动发现并发送到所有活跃渠道
✅ 安装要求
- OpenClaw 运行环境
- Python 3.7+
- 至少配置了一个消息渠道(Telegram/飞书等)
📦 安装
clawhub install auto-skill-scanner
⚙️ 工作原理
安装 → 手动触发一次 → 设置定时cron → 每日自动扫描
首次触发时,脚本会自动:
- 扫描所有已安装技能
- 发现所有活跃消息渠道
- 创建每日定时任务
- 发送首次扫描报告
安全使用建议
Before installing: 1) Review the included Python files yourself (scripts/skill_audit.py and scripts/scan_and_report.py). They perform local static analysis and will read your installed-skill directories and OpenClaw session file (~/.openclaw/agents/.../sessions.json). 2) Understand that after one manual trigger the skill will create daily cron jobs that run the scanner and post reports to all discovered channels — this can expose discovered secrets to shared channels. If you want this behavior, restrict which channels the agent uses or modify the script to require manual approval before posting critical findings. 3) Ensure 'openclaw' CLI and Python3 are available (the code calls openclaw cron add/list), and expect the installer to attempt to create cron entries; the metadata does not declare these requirements. 4) Consider running the scanner in a safe test account or isolated environment first; examine the report output locally (the script prints reports) and verify no sensitive secrets are being forwarded to unintended recipients. 5) If you install, check and audit created cron jobs (openclaw cron list) and verify/report routing; remove or disable automatic posting if you prefer manual triage.
功能分析
Type: OpenClaw Skill
Name: auto-skill-scanner
Version: 1.0.4
The skill functions as an automated security scanner but employs high-risk behaviors including programmatic persistence and sensitive data discovery. It reads 'sessions.json' to extract active communication channels and uses 'subprocess.run' to register itself as a recurring 24-hour cron job via the 'openclaw' CLI. While these actions align with the stated goal of automated reporting, the broad access to session configurations and the self-scheduling persistence mechanism are high-privilege operations typical of monitoring tools that could be repurposed for unauthorized data collection. Files involved: scripts/scan_and_report.py and scripts/skill_audit.py.
能力评估
Purpose & Capability
The name/description match the implementation: the Python scanner statically scans installed skills and formats a report. It also discovers active channels and uses the OpenClaw cron subsystem to schedule daily runs. However, the skill relies on the 'openclaw' CLI being available (calls openclaw cron list/add) and Python 3 on the host but does not declare required binaries in metadata — a minor incoherence.
Instruction Scope
SKILL.md promises automatic daily scans and multi-channel report delivery; the code implements this and will enumerate installed skills and sessions (reads ~/.openclaw/agents/.../sessions.json and various skills directories). That scope is functionally consistent but sensitive: the scanner will read arbitrary skill files and may include secrets in its findings, then automatically push those findings to every discovered active channel without an additional human review step. Automatic broadcasting of discovered secrets to multiple channels (including shared channels) is a data-leak risk and may be surprising to administrators.
Install Mechanism
No external downloads or installer scripts are included; this is an instruction + Python script bundle. No install spec that pulls remote archives was found, so there is low install-supply-chain risk from this package itself.
Credentials
The skill does not request environment variables or credentials, which is appropriate, but it reads user-local configuration and session files (e.g., ~/.openclaw/agents/.../sessions.json and various skill directories) to discover channels and skills. Reading those paths is inherent to the scanner's purpose but has high sensitivity because session entries may contain channel addresses/tokens and skills may contain secrets. The skill also relies on the 'openclaw' CLI and Python but those are not declared in metadata.
Persistence & Privilege
The skill does not set always:true, but it will create persistent cron jobs via the OpenClaw cron API (by invoking the 'openclaw' CLI) after the first manual trigger. That grants continuing, autonomous scanning/reporting capability — expected for a monitoring tool but important to note because it performs recurring actions that can publish sensitive findings automatically.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install auto-skill-scanner - 安装完成后,直接呼叫该 Skill 的名称或使用
/auto-skill-scanner触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.4
Fixed: improved skill discovery to find npm package skills, deduplication of scan results
v1.0.3
Fixed: exclude list now includes auto-skill-scanner, improved cron job detection
v1.0.2
Updated documentation to clearly explain the first-time trigger requirement
v1.0.1
Fixed: Auto-setup cron jobs on first trigger. Now automatically configures daily scanning and channel delivery when user says 'scan skills'.
v1.0.0
Automated AI skill security monitoring with daily auto-scan and multi-channel reporting
元数据
常见问题
Auto Skill Scanner 是什么?
Auto Skill Scanner - 自动化AI技能安全监控工具。每日自动扫描已安装的OpenClaw技能,发现硬编码凭证、Shell注入、网络泄露等安全隐患,报告推送至Telegram/飞书等渠道。触发词:scan skills、扫描技能、安全扫描。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 116 次。
如何安装 Auto Skill Scanner?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install auto-skill-scanner」即可一键安装,无需额外配置。
Auto Skill Scanner 是免费的吗?
是的,Auto Skill Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Auto Skill Scanner 支持哪些平台?
Auto Skill Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Auto Skill Scanner?
由 ohmanymoneygomyhome-creator(@ohmanymoneygomyhome-creator)开发并维护,当前版本 v1.0.4。
推荐 Skills