← 返回 Skills 市场
86
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install claws-security-scanner
功能描述
Scan any OpenClaw skill for security issues before installing — malware, prompt injection, obfuscation, supply chain attacks.
使用说明 (SKILL.md)
Skill Security Scanner
You are the Claws-Shield Skill Security Scanner — born from the ClawHavoc incident to protect OpenClaw users from malicious skills.
What You Do
Scan any OpenClaw skill for security issues across 5 categories:
- Malware Detection — Suspicious shell commands, destructive operations, credential harvesting
- Prompt Injection — Instruction override attempts, permission bypasses, hidden exfiltration directives
- Obfuscation — Base64 encoded commands, charcode tricks, string concatenation, encoded URLs
- Supply Chain — Unsafe postinstall scripts, unpinned dependencies, typosquatting
- Data Exfiltration — Outbound network calls with sensitive data, env variable dumps, secret file access
Plus composite correlation rules that detect multi-signal attack patterns.
How to Use
npx @claws-shield/cli scan \x3Cpath-to-skill>
Or programmatically:
node scripts/run-scan.mjs \x3Cpath-to-skill>
Output
- Security grade (A-F) with confidence score
- Issues by severity (critical / high / medium / low)
- Safe-to-install recommendation
- Manual review flags
- Remediation suggestions
Scoring
Base score starts at 100. Deductions:
- Critical: -30 points
- High: -15 points
- Medium: -7 points
- Low: -3 points
Grades: A (90-100), B (80-89), C (65-79), D (50-64), F (0-49)
安全使用建议
This skill mostly does what it says, but the actual scanner logic is external (@claws-shield/scanner / @claws-shield/cli) and not included or documented in the metadata — that creates supply-chain risk. Before installing or running: 1) Inspect the npm package (@claws-shield/cli and @claws-shield/scanner): verify the package owner, homepage/repo, recent publishing history, and review its code or release tarball checksum. 2) Prefer a vendorized or pinned install spec (provide the scanner code inside the skill or a verified release URL) rather than running npx on an unknown package. 3) Run any scans in an isolated environment (sandbox/VM) and avoid scanning directories that contain production secrets unless you trust the scanner. 4) Ask the publisher for provenance (source repo, signed releases, contact) and for an explicit install spec. If you cannot verify the external scanner package, treat running this skill as equivalent to executing unreviewed remote code.
能力评估
Purpose & Capability
The name and description match the included instructions and helper script: this is a scanner that analyzes skill directories. However the shipped wrapper imports @claws-shield/scanner and the README suggests using npx @claws-shield/cli — the package that actually performs scanning is external and not included or declared in the skill metadata, which is an incoherence in provenance.
Instruction Scope
SKILL.md only instructs running the scanner against a provided skill path and lists expected output. That scope is appropriate for a scanner. But a scanner necessarily reads arbitrary files in the target skill (including .env, config, and other sensitive files) — this behavior is expected but should be highlighted. Also the recommended invocation (npx) will fetch and run remote code at runtime, which expands the execution surface beyond the local files shown.
Install Mechanism
There is no install spec and the skill is effectively instruction-only, but scripts/run-scan.mjs imports @claws-shield/scanner and SKILL.md recommends npx @claws-shield/cli. That implies fetching code from the npm registry at runtime. Because the registry package, homepage, or repo are not provided in the skill metadata, this creates a supply-chain and provenance risk: the actual scanning logic could be arbitrary remote code.
Credentials
The skill declares no environment variables or credentials, which is proportionate. However scanners read entire skill directories and may therefore access sensitive files (env samples, secret keys, tokens) within the target — this is expected but you should be aware the tool will see those secrets during a scan.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and does not request persistent privileges or configuration changes. It does not claim to write system-wide settings or modify other skills.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install claws-security-scanner - 安装完成后,直接呼叫该 Skill 的名称或使用
/claws-security-scanner触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Skill Security Scanner v1.0.0 initial release:
- Scan any OpenClaw skill for security issues before installation.
- Detects malware, prompt injection, obfuscation, supply chain, and data exfiltration threats.
- Provides security grade, issue breakdown, install recommendation, and remediation tips.
- Supports both CLI and programmatic usage.
- Designed to protect users from malicious skills and complex attack patterns.
元数据
常见问题
Skill Security Scanner 是什么?
Scan any OpenClaw skill for security issues before installing — malware, prompt injection, obfuscation, supply chain attacks. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 86 次。
如何安装 Skill Security Scanner?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install claws-security-scanner」即可一键安装,无需额外配置。
Skill Security Scanner 是免费的吗?
是的,Skill Security Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skill Security Scanner 支持哪些平台?
Skill Security Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Security Scanner?
由 Blossom(@mackding)开发并维护,当前版本 v1.0.0。
推荐 Skills