← 返回 Skills 市场
clauwdit
作者
4worlds4w-svg
· GitHub ↗
· v1.0.0
361
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install clauwdit
功能描述
Security auditor for AI agent skills. Scans SKILL.md files for prompt injection, data exfiltration, obfuscation, and dangerous capability combinations.
使用说明 (SKILL.md)
ClawAudit — Security Auditor for Agent Skills
Static security analyzer for OpenClaw SKILL.md files. Detects prompt injection, credential exfiltration, obfuscated payloads, and dangerous capability combinations before you install.
What It Does
Paste or pipe any SKILL.md content and get back a trust score (0-100) with detailed findings.
Detects:
- Prompt injection and agent manipulation (including Unicode homoglyph evasion)
- Data exfiltration patterns (HTTP, DNS, encoded channels)
- Dangerous shell commands (curl|sh, /dev/tcp, process substitution)
- Credential harvesting (env vars, SSH keys, API tokens)
- Obfuscated payloads (base64, hex escapes, eval chains)
- Compound threats (e.g. file read + network out = exfiltration)
- Permission mismatches (undeclared capabilities)
Zone-aware analysis — understands markdown structure. Code blocks are weighted as executable instructions. Security documentation describing threats is not flagged as a threat itself.
Usage
Audit a skill before installing:
curl -s https://clauwdit.4worlds.dev/audit/author/skill-name
Or POST raw skill content:
curl -s -X POST https://clauwdit.4worlds.dev/audit \
-H "Content-Type: application/json" \
-d '{"skill":"author/skill-name"}'
Trust Tiers
| Score | Tier | Meaning |
|---|---|---|
| 80-100 | Trusted | No significant issues found |
| 60-79 | Moderate | Minor concerns, review recommended |
| 40-59 | Suspicious | Significant issues, use with caution |
| 0-39 | Dangerous | Critical threats detected, do not install |
Response Format
{
"trust": { "score": 85, "tier": "trusted" },
"findings": [
{
"severity": "medium",
"description": "Network request capability detected",
"zone": "code",
"line": 12
}
],
"capabilities": ["network_out", "file_read"],
"compoundThreats": [],
"permissionIntegrity": { "undeclared": [], "unused": [] }
}
About
Built by 4Worlds. Zone-aware static analysis with 60+ detection patterns, Unicode homoglyph normalization, and compound threat detection.
安全使用建议
This skill is a thin wrapper describing a remote static-audit service — it does what it says, but it relies on sending SKILL.md content to clauwdit.4worlds.dev. Before using: (1) Do not submit any secrets, API keys, or private files; review and redact sensitive data from SKILL.md before posting. (2) Verify the ownership and TLS certificate of clauwdit.4worlds.dev, check for a privacy policy or contact info (the SKILL.md says 'Built by 4Worlds' but the registry shows no homepage). (3) If you need offline analysis or cannot trust an external service, prefer a local/open-source scanner instead. (4) Consider not enabling autonomous invocation for this skill unless you trust the endpoint and understand what data it will receive. If you want higher assurance, ask the publisher for the scanner source code or an official homepage before installing.
功能分析
Type: OpenClaw Skill
Name: clauwdit
Version: 1.0.0
The skill functions as a remote security scanner that instructs the AI agent to exfiltrate the content of other skills to an external third-party domain (clauwdit.4worlds.dev) for analysis. While this aligns with its stated purpose of 'auditing,' sending potentially sensitive code, configurations, or credentials to an unverified remote endpoint is a high-risk behavior that facilitates data harvesting under the guise of a security tool.
能力评估
Purpose & Capability
The name and description (security auditor for SKILL.md files) match the content: the SKILL.md documents a remote static analysis service and shows how to POST skill contents for analysis. There are no unrelated env vars, binaries, or install steps requested.
Instruction Scope
The instructions direct the user/agent to send SKILL.md content to https://clauwdit.4worlds.dev via curl/POST. This is consistent with an online auditor, but it means sensitive skill contents (including any secrets present in a SKILL.md) would be transmitted to a third party. The SKILL.md does not instruct the agent to read other local files or environment variables beyond the content to be submitted.
Install Mechanism
No install spec or code is included (instruction-only). That minimizes on-disk risk; there are no downloads, extracts, or package installs to review.
Credentials
The skill does not request any environment variables, credentials, or config paths. There is no disproportionate credential access declared. However, the runtime behavior depends on network access to an external domain.
Persistence & Privilege
always is false and there is no mechanism that would persist or modify other skills or agent-wide configuration. The skill does not request elevated persistence or unusual privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clauwdit - 安装完成后,直接呼叫该 Skill 的名称或使用
/clauwdit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: zone-aware security auditor with 60+ detection patterns
元数据
常见问题
clauwdit 是什么?
Security auditor for AI agent skills. Scans SKILL.md files for prompt injection, data exfiltration, obfuscation, and dangerous capability combinations. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 361 次。
如何安装 clauwdit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clauwdit」即可一键安装,无需额外配置。
clauwdit 是免费的吗?
是的,clauwdit 完全免费(开源免费),可自由下载、安装和使用。
clauwdit 支持哪些平台?
clauwdit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 clauwdit?
由 4worlds4w-svg(@4worlds4w-svg)开发并维护,当前版本 v1.0.0。
推荐 Skills