clawnedhub - Scan and Security your OpenClaw Instances

Author: jenish-sojitra · GitHub · v1.0.1
cross-platform ✓ Security check passed
Total downloads: 352
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install clawnedhub
Description
Security agent that inventories installed OpenClaw skills, analyzes them for threats, and syncs results to your Clawned dashboard.
Usage instructions (SKILL.md)

Clawned — Security Agent for OpenClaw

Automatically discovers all installed skills, analyzes them for security threats, and syncs results to your Clawned dashboard.

Setup

Configure your API key in openclaw.json:

{
  "skills": {
    "entries": {
      "clawned": {
        "enabled": true,
        "env": {
          "CLAWNED_API_KEY": "cg_your_api_key_here",
          "CLAWNED_SERVER": "https://api.clawned.io"
        }
      }
    }
  }
}

Commands

Sync all installed skills to dashboard

python3 {baseDir}/scripts/agent.py sync

Scan a single skill locally

python3 {baseDir}/scripts/agent.py scan --path <skill-directory>

List all discovered skills

python3 {baseDir}/scripts/agent.py inventory

Check agent status

python3 {baseDir}/scripts/agent.py status

Data & Privacy

During sync (default operation):

  • Sends only skill metadata: name, owner, slug, version
  • No file contents are uploaded
  • No .env files or secrets are ever read

During scan --path (explicit user action only):

  • Reads source files (.md, .py, .js, etc.) from the specified skill directory for analysis
  • .env files are excluded from scanning
  • File contents are sent to the Clawned server for security analysis
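
A pre-flight preview for `scan --path`, added here as an example and not taken from scripts/agent.py: it lists which files in a skill directory would plausibly be sent, which `.env` files are skipped, and which lines look like hard-coded secrets. The extension set, the secret patterns and the names `preview_scan` and `is_env_file` are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Assumption: the page lists the collected types only as ".md, .py, .js, etc.",
# so this extension set is illustrative, not the agent's real list.
SOURCE_EXTS = {".md", ".py", ".js", ".ts", ".sh", ".json", ".yaml", ".yml"}

# Heuristic secret patterns constructed for this example (not Clawned's rules).
SECRET_PATTERNS = [
    re.compile(r"(?i)\b(api[_-]?key|secret|token|password)\b\s*[:=]\s*['\"]?[^\s'\"]{8,}"),
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
]

def is_env_file(path: Path) -> bool:
    """Match .env and common variants such as .env.local or prod.env."""
    name = path.name.lower()
    return name == ".env" or name.startswith(".env.") or name.endswith(".env")

def preview_scan(skill_dir):
    """Return (would_send, excluded, findings) for a skill directory.

    findings is a list of (relative_path, line_number) for lines that look
    like hard-coded secrets inside files that would be sent.
    """
    root = Path(skill_dir)
    would_send, excluded, findings = [], [], []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if is_env_file(path):
            excluded.append(rel)      # never opened, only reported
            continue
        if path.suffix.lower() not in SOURCE_EXTS:
            continue                  # binaries and other non-source files
        would_send.append(rel)
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), 1):
            if any(p.search(line) for p in SECRET_PATTERNS):
                findings.append((rel, lineno))
    return would_send, excluded, findings

if __name__ == "__main__":
    send, skipped, hits = preview_scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("would be sent:", send)
    print("excluded (.env):", skipped)
    for rel, lineno in hits:
        print(f"possible secret: {rel}:{lineno}")
```

Run it against the same directory you intend to pass to `scan --path` and clear any reported lines first; nothing is sent over the network by this preview.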

Local config access:

  • Reads ~/.openclaw/openclaw.json only to locate skill directories (extraDirs paths)
  • No credentials or secrets are read from config files

Automatic Sync

Schedule every 6 hours via OpenClaw cron:

{
  "jobs": [
    {
      "schedule": "0 */6 * * *",
      "command": "Run clawned sync to check all installed skills",
      "description": "Security scan every 6 hours"
    }
  ]
}
Security usage recommendations
This skill appears to implement what it claims: it discovers installed skills and uploads metadata during 'sync', and only uploads file contents when you explicitly run 'scan --path'. Before installing or enabling it:
  1. Verify you trust the CLAWNED_SERVER (default https://api.clawned.io) — scanned files will be sent there on explicit scans.
  2. Create a minimally-privileged CLAWNED_API_KEY and avoid putting other secrets in skill source files.
  3. Note the agent will register itself (sends hostname and OS) and persist a small state file at ~/.openclaw/clawned_agent.json; decide whether you're comfortable with that telemetry.
  4. Review the remainder of scripts/agent.py (especially the full cmd_scan implementation) if you need stronger guarantees about exactly which files are uploaded.
  5. If in doubt, run the agent in an isolated/test environment first or audit network traffic to the server to confirm behavior.
Functional analysis
Type: OpenClaw Skill
Name: clawnedhub
Version: 1.0.1
The OpenClaw AgentSkills bundle 'clawnedhub' is a security agent designed to inventory, analyze, and sync security results of installed skills to a dashboard. Its behavior, as described in SKILL.md and implemented in scripts/agent.py, is consistent with its stated purpose. The agent makes network calls to `https://api.clawned.io` to register itself (sending hostname and OS) and to sync skill metadata. During an explicit 'scan' command, it collects and sends skill source file contents (excluding .env files) for security analysis, as clearly documented. The `SKILL.md` includes a benign prompt injection instruction for a cron job (`Run clawned sync to check all installed skills`), which aligns with the skill's function and does not attempt to manipulate the agent into malicious actions. No evidence of credential theft, unauthorized data exfiltration, persistence mechanisms outside of OpenClaw's documented cron, or RCE vulnerabilities was found. The included `detection-patterns.md` and `threat-model.md` are documentation files, not executable code, and reflect a security-conscious design rather than malicious intent.
Capability assessment
Purpose & Capability
Name/description (security scanner for OpenClaw skills) aligns with requested items: python3 runtime and a CLAWNED_API_KEY for communicating with a Clawned server. The code only contacts the CLAWNED_SERVER endpoint and uses the API key; no unrelated cloud credentials or extra binaries are requested.
Instruction Scope
Runtime instructions and the script are mostly scoped correctly: 'sync' discovers skills and uploads metadata, 'scan --path' collects source files and sends them to the server. However SKILL.md omits one runtime behavior the code performs: the agent registers itself by sending hostname and OS to the server during first sync. The SKILL.md privacy statements about 'what is sent' should mention agent registration.
Install Mechanism
No install spec (instruction-only + Python script included). No remote installers, no downloads, no package manager operations. The risk surface comes from the included script executing on the host, not from an installer.
Credentials
Only CLAWNED_API_KEY (and optional CLAWNED_SERVER) are required. This is proportionate to a service that uploads metadata and scanned files. The skill does read ~/.openclaw/openclaw.json to locate extraDirs; that is plausible for its purpose but is flagged by detection rules as sensitive (see scan findings).
Persistence & Privilege
always:false and model invocation defaults are normal. The script writes a local state file (~/.openclaw/clawned_agent.json) to persist agent_id/last_sync; it does not attempt system-wide changes, cron modification, or alter other skills. No elevated privileges or persistence mechanisms are requested by the code.
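How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install clawnedhub
  3. After installation, call the Skill by name or trigger it with /clawnedhub
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history
v1.0.1
Install the Skill. Configure it with token from clawned.io. Secure your machines.
Metadata
Slug: clawnedhub
Version: 1.0.1
License:
Total installs: 0
Current installs: 0
Number of versions: 1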
FAQ

What is clawnedhub - Scan and Security your OpenClaw Instances?

Security agent that inventories installed OpenClaw skills, analyzes them for threats, and syncs results to your Clawned dashboard. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 352 total downloads so far.

How do I install clawnedhub - Scan and Security your OpenClaw Instances?

Run the command "/install clawnedhub" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is clawnedhub - Scan and Security your OpenClaw Instances free?

Yes, clawnedhub - Scan and Security your OpenClaw Instances is completely free (open source and free of charge) and can be freely downloaded, installed and used.

Which platforms does clawnedhub - Scan and Security your OpenClaw Instances support?

clawnedhub - Scan and Security your OpenClaw Instances runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed clawnedhub - Scan and Security your OpenClaw Instances?

It is developed and maintained by jenish-sojitra (@jenish-sojitra); the current version is v1.0.1.
