← 返回 Skills 市场

claw-security-panel

Name: claw-security-panel
Author: haxsscker

作者 H4xssck3r#codeplay_team · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

105

总下载

当前安装

版本数

在 OpenClaw 中安装

/install claw-security-panel

功能描述

OpenClaw 安全检查面板（Python 3.7+ 兼容）。用户发送"启动安全检查"时触发，按四大类检查：接入安全、权限安全、执行安全、韧性安全。生成带 token 的临时 HTML 页面，含风险详情子页面和一键修复功能。

使用说明 (SKILL.md)

OpenClaw Security Panel v2

触发条件

用户发送以下消息时触发：

"启动安全检查"
"安全检查"
"检查安全配置"

检查框架（四大类）

A. 接入安全 (Access Security) 🔐

HTTPS 加密：检查是否启用 HTTPS
网关绑定：检查是否暴露在公网（0.0.0.0 vs 127.0.0.1）
端口配置：检查是否使用默认端口 18789
认证机制：检查是否配置口令/token 认证
登录来源检测：检查历史登录日志，识别非常用地 IP 登录风险，提供 ACL 策略配置建议

B. 权限安全 (Permission Security) 👤

运行用户：检查是否以 root 运行
关键文件保护：检查预加载的.json 和.md 文件是否有防修改声明（#lock/#protected）
文件权限：检查工作区文件权限设置
明文密码检测：扫描安装目录下是否有明文密码保存

C. 执行安全 (Execution Security) ⚙️

版本检查：当前 OpenClaw 版本
漏洞扫描：已知 CVE 漏洞检查
插件风险：已安装技能的安全风险
高风险命令检测：检查近 3 天执行命令历史，识别增加用户、删除文件、修改密码、端口转发等高风险操作

D. 韧性安全 (Resilience Security) 🛡️

登录 IP：检查已登录 IP 是否异常（外部 IP 检测）
备份状态：检查配置和工作区备份
版本控制：检查 git 仓库状态

功能特性

1. 主页面

整体风险等级展示
四大类检查概览
通过检测项统计（不计入低风险）
风险数量统计
右侧"查看风险详情"按钮

2. 风险详情子页面 (/claw_security_pannel/risks)

风险列表，每项包含：
- 风险等级标签（HIGH/MEDIUM/LOW）
- 详细描述
- 修复方案说明
- 修复后影响提示（避免误修复）
- 可自动修复/需人工修复标识
勾选框（仅可自动修复的风险可勾选）
一键修复按钮

3. 修复功能

可自动修复：文件权限、备份创建等
需人工修复：HTTPS 配置、密码迁移、认证配置等
- 禁止勾选
- 显示"🔧 需人工修复"标识
- 提供详细修复指南

输出格式

主页面

http://127.0.0.1:18790/claw_security_pannel?token=\x3Ctoken>

风险详情子页面

http://127.0.0.1:18790/claw_security_pannel/risks?token=\x3Ctoken>

API 接口

GET /claw_security_pannel/api/report

获取完整检查报告 JSON

POST /claw_security_pannel/api/fix

{
  "token": "\x3Ctoken>",
  "riskIds": ["id1", "id2"]
}

响应：

{
  "success": true,
  "fixed": ["风险项 1", "风险项 2"],
  "errors": [],
  "message": "成功修复 2 项"
}

环境要求

Python 版本: Python 3.7+
依赖: 仅使用 Python 标准库
兼容性: 已针对 Python 3.7-3.12 测试

注意事项

Token 有效期 30 分钟
面板服务运行在独立端口（18790）
通过检测的项直接显示"通过"，不计入风险统计
敏感操作（如密码修改）必须人工确认
修复前会显示修复后的影响提示

安全使用建议

This skill largely does what it says (local security checks and a temporary web panel), but several red flags deserve attention: - Missing runtime declarations: start.sh and the script call external commands (openclaw, last, sudo, curl, git) though the registry metadata lists no required binaries. Expect failures or hidden prompts for sudo. Ensure these tools and privileges are acceptable before running. - Reads sensitive data: the script reads /var/log/auth.log, runs last, and scans your workspace for plaintext secrets. That is appropriate for a security scanner, but you should only run it on systems you control and after making backups. - Dynamically generated server: start.sh launches /tmp/security_panel_server.py which is not part of the published files. The security_check.py likely writes and then executes a server script — code executed from /tmp is not visible in the manifest and could perform additional actions (network calls, exfiltration). Before running, inspect the runtime-generated /tmp/security_panel_server.py and /tmp/security_report.json to ensure they contain only the expected server and HTML content. - Auto-fix behavior: the tool can perform 'one-click' fixes (file permissions, modifying config.json). Review suggested fixes and back up affected files before applying automated fixes. - Recommended mitigations: run this skill in an isolated environment (VM/container) first, examine the generated /tmp files before execution, ensure you have recent backups, and run with minimal necessary privileges (avoid running as root). If you want to proceed, ask the publisher for the server code (the file created in /tmp) and full script contents (untruncated) so you can review all runtime behavior. If you cannot inspect the generated server, do not run it on production hosts.

功能分析

Type: OpenClaw Skill Name: claw-security-panel Version: 1.0.0 The bundle implements a security audit tool that performs highly intrusive data collection, including scanning the user's workspace for 'private_key', 'api_key', and 'token' (scripts/security_check.py), and reading shell history files like .bash_history and /root/.bash_history. While these actions are framed as security checks, they involve harvesting sensitive credentials and system logs. Furthermore, the start.sh script attempts to execute a missing server component (/tmp/security_panel_server.py) that is not included in the bundle, making the actual behavior of the web interface and its 'auto-fix' API unverifiable and potentially dangerous.

能力评估

ℹ Purpose & Capability

The skill claims to run a local security panel and the included Python script implements many described checks (gateway, HTTPS, auth, login sources, file scanning, git/backup checks). However the manifest declares no required binaries/credentials while the runtime calls external system binaries (openclaw, last, sudo, curl) and expects Python 3 — the lack of declared runtime binaries is an inconsistency but not necessarily malicious.

⚠ Instruction Scope

The SKILL.md and start.sh/scripts instruct reading system-level data: /var/log/auth.log (using sudo), output of last, shell/command history, workspace files, and critical OpenClaw config files. They also provide one-click auto-fix actions that can modify config files. All of the above are security-relevant and go beyond simple readonly checks; the instructions will access/modify sensitive local files and potentially require elevated privileges. This scope is coherent with a security scanner but increases risk and requires explicit user consent and environment checks.

⚠ Install Mechanism

There is no declared install spec (instruction-only), but start.sh launches a server from /tmp/security_panel_server.py (nohup python3 /tmp/security_panel_server.py "$TOKEN" "$PORT"). That server file is not present in the manifest — implying the runtime may generate and execute code in /tmp. Dynamically generating and executing code that is not part of the published package is a significant risk and not documented in SKILL.md.

⚠ Credentials

requires.env lists none, but the code accesses sensitive system areas (auth logs, workspace files, OpenClaw config) and invokes sudo in scripts. It also scans for plaintext secrets. The skill will attempt to read credentials and system logs without declaring any required privileges; it may fail unless the user has passwordless sudo or is root. The lack of declared required binaries (curl, sudo, openclaw, git) is inconsistent with actual behavior.

ℹ Persistence & Privilege

always:false and the skill is user-invocable (normal). The skill writes /tmp/security_report.json, /tmp/security_panel.pid and launches a background Python server on a local port (18790). Running as a background service and writing temp files is expected for a local panel, but because the server code is generated/executed from /tmp (not included in the package), this elevates the risk profile — the service could run code not visible in the manifest.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install claw-security-panel
安装完成后，直接呼叫该 Skill 的名称或使用 /claw-security-panel 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

OpenClaw 安全检查面板初版发布 - 新增 4 大类安全检查：接入安全、权限安全、执行安全、韧性安全 - 支持命令触发安全自查，生成临时带 token 的检查 HTML 页面 - 风险详情页支持查看各项风险、自动/人工修复区分与一键修复按钮 - 内建 REST API 获取报告及修复（仅标准库，无第三方依赖） - 明确风险等级、修复方案与修复后影响提示 - 面板服务独立运行，短时 token 控制访问权限

元数据

Slug claw-security-panel

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题