Total downloads: 224 · Favorites: 0 · Current installs: 0 · Versions: 3
Install in OpenClaw
/install clawscan-vigil
Description
Scans OpenClaw Skills for security risks before installation; combined static and dynamic detection identifies malicious code.
Usage (SKILL.md)
Skill: clawscan-vigil
🔍 OpenClaw Skill Security Scanner
Scan any Skill for security risks before installing it, with combined static and dynamic detection.
Why ClawScan?
- 341 malicious Skills have already been found that steal API keys and cryptocurrency wallets
- ClawHub's review process is weak: 12% of Skills exhibit malicious behavior
- There is no way to judge whether the code is safe before installing it
Edition comparison
| Feature | Free | Premium |
|---|---|---|
| Static code analysis | ✅ | ✅ |
| Dynamic behavior detection | ✅ | ✅ |
| Scans | 5/month | Unlimited |
| Dependency risk analysis | ❌ | ✅ |
| Batch scanning | ❌ | ✅ |
| Priority support | ❌ | ✅ |
| Price | Free | ¥49/year |
Quick start
```bash
# Install
clawhub install clawscan
# Check quota status
clawscan status
# Scan a local Skill (uses 1 scan from the quota)
clawscan scan /path/to/skill
# Scan an installed ClawHub Skill
clawscan check mcp-server-prompts
# Detailed report
clawscan scan /path/to/skill --verbose
# JSON output (for script integration)
clawscan scan /path/to/skill --json
```
Activate Premium
```bash
# Get a license: https://clawscan.dev
clawscan activate CLAW-XXXX-XXXX-XXXX
# Confirm activation
clawscan status
```
Risk levels
| Level | Label | Description |
|---|---|---|
| 🔴 High | HIGH | Network requests, file writes, command execution |
| 🟡 Medium | MEDIUM | Subprocess import, API key handling |
| 🟢 Low | LOW | Pure computation |
Example output
```text
╭────────────────────────── Scan Summary ──────────────────────────╮
│ 🔴 malicious-skill                                               │
│                                                                  │
│ Overall Risk: HIGH                                               │
│ Files Scanned: 3                                                 │
│ Scan Duration: 15ms                                              │
│                                                                  │
│ Findings: 8 total                                                │
│   🔴 High: 4                                                     │
│   🟡 Medium: 3                                                   │
│   🟢 Low: 1                                                      │
╰──────────────────────────────────────────────────────────────────╯

🔴 HIGH RISK (4)
==================================================
network
  Network module imported: requests
  /skill/malicious.py:7

📦 Dependency Analysis (Premium)
==================================================
🔴 pyautogui (Potential keylogger/screenshot capability)
🟡 psutil (System access capabilities)

📋 Recommendations
==================================================
🚨 This Skill can execute system commands...
```
Exit codes
| Code | Meaning |
|---|---|
| 0 | Low risk |
| 1 | High risk |
| 2 | Medium risk |
| 3 | Scan error |
| 4 | Quota exhausted |
Technical details
Static analysis:
- AST parsing to identify dangerous functions
- Pattern matching across 7 risk categories (network, file, subprocess, crypto, etc.)
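To make the static pass concrete, here is a small AST-based scanner written for this page as an added example. It is not ClawScan's code; its module and call watchlists (`NETWORK_MODULES`, `SUBPROCESS_MODULES`, `COMMAND_EXEC_CALLS`, `ENV_READ_CALLS`, `SECRET_WORDS`) and category names are assumptions that cover only a subset of the seven pattern classes the tool advertises. Severities follow the risk-level table above (network imports, file writes and command execution are HIGH; a subprocess import or a read of a secret-looking environment variable is MEDIUM; a skill with no findings is LOW) and the result maps onto the documented exit codes. Unlike a text grep, it tracks `import x as y` and `from x import y` aliases so a renamed module still matches.

```python
import ast
from collections import namedtuple

HIGH, MEDIUM, LOW = "HIGH", "MEDIUM", "LOW"
SEVERITY_RANK = {LOW: 0, MEDIUM: 1, HIGH: 2}
EXIT_CODE = {LOW: 0, HIGH: 1, MEDIUM: 2}  # mapping from the exit-code table in SKILL.md
# Watchlists are assumptions for this example, covering a subset of the seven pattern classes.
NETWORK_MODULES = {"requests", "urllib", "urllib3", "http", "httpx", "socket"}
SUBPROCESS_MODULES = {"subprocess", "pty"}
COMMAND_EXEC_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
                      "subprocess.check_output", "os.system", "os.popen", "os.execv"}
ENV_READ_CALLS = {"os.getenv", "os.environ.get"}
SECRET_WORDS = ("KEY", "TOKEN", "SECRET", "PASSWORD")

Finding = namedtuple("Finding", "severity category message line")

def dotted_name(node):
    """'pkg.attr.attr' for a Name/Attribute chain, '' for anything else (e.g. a call result)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else ""

def looks_secret(value):
    return isinstance(value, str) and any(w in value.upper() for w in SECRET_WORDS)

def opens_for_write(call):
    """True when open() gets a literal mode that can modify the file (w, a, x or +)."""
    modes = [call.args[1]] if len(call.args) > 1 else []
    modes += [kw.value for kw in call.keywords if kw.arg == "mode"]
    return any(isinstance(m, ast.Constant) and isinstance(m.value, str)
               and set(m.value) & set("wax+") for m in modes)

class SkillVisitor(ast.NodeVisitor):
    # Tracks import aliases so `import subprocess as sp; sp.run()` still matches the watchlist.
    def __init__(self):
        self.findings = []
        self.aliases = {}  # local name -> fully qualified imported name

    def report(self, severity, category, message, node):
        self.findings.append(Finding(severity, category, message, node.lineno))

    def resolve(self, name):
        root, *rest = name.split(".")
        return ".".join([self.aliases.get(root, root), *rest])

    def check_module(self, module, node):
        root = module.split(".")[0]
        if root in NETWORK_MODULES:
            self.report(HIGH, "network", f"Network module imported: {module}", node)
        elif root in SUBPROCESS_MODULES:
            self.report(MEDIUM, "subprocess", f"Subprocess module imported: {module}", node)

    def visit_Import(self, node):
        for alias in node.names:
            local = alias.asname or alias.name.split(".")[0]
            self.aliases[local] = alias.name if alias.asname else local
            self.check_module(alias.name, node)

    def visit_ImportFrom(self, node):
        module = node.module or ""  # relative imports carry module=None
        for alias in node.names:
            self.aliases[alias.asname or alias.name] = f"{module}.{alias.name}".lstrip(".")
        if module:
            self.check_module(module, node)

    def visit_Call(self, node):
        target = self.resolve(dotted_name(node.func))
        first = node.args[0].value if node.args and isinstance(node.args[0], ast.Constant) else None
        if target in COMMAND_EXEC_CALLS:
            self.report(HIGH, "command", f"Command execution via {target}()", node)
        elif target in ("open", "io.open") and opens_for_write(node):
            self.report(HIGH, "file", "File opened for writing", node)
        elif target in ENV_READ_CALLS and looks_secret(first):
            self.report(MEDIUM, "credentials", f"Secret-like environment variable read: {first}", node)
        self.generic_visit(node)

def scan_source(source, filename="<skill>"):
    visitor = SkillVisitor()
    visitor.visit(ast.parse(source, filename=filename))
    return visitor.findings

def overall_risk(findings):
    """Highest severity present; a skill with no findings is LOW (pure computation)."""
    return max((f.severity for f in findings), key=SEVERITY_RANK.__getitem__, default=LOW)

def exit_code_for(findings):
    return EXIT_CODE[overall_risk(findings)]

# Constructed sample Skill for the demonstration (not taken from the page).
SAMPLE_SKILL = '''import subprocess as sp
from requests import get
from os import getenv
token = getenv("OPENCLAW_API_KEY")
sp.run(["uname", "-a"])
with open("/tmp/out.log", "w") as fh:
    fh.write(get("http://example.invalid").text)
'''
```

`scan_source(SAMPLE_SKILL)` yields five findings in source order (three HIGH, two MEDIUM), so `overall_risk` is HIGH and `exit_code_for` returns 1; codes 3 and 4 (scan error, quota exhausted) are process-level conditions outside this function. Being a name-based check it cannot see through indirection such as attribute lookups by string or native extensions, the same false-negative class the review notes further down describe for the dynamic pass.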
Dynamic analysis:
- Execution in a RestrictedPython sandbox
- Monitoring of runtime imports and calls
Dependency analysis (Premium):
- Scans requirements.txt / pyproject.toml
- Identifies known risky packages (pyautogui, browser-cookie3, etc.)
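The dependency pass can be shown the same way. The following added example (not the project's code) extracts project names from `requirements.txt` lines and, where a TOML parser is available, from the `[project]` dependency lists of `pyproject.toml`, then matches them against a watchlist. The watchlist holds only the three packages this page names (pyautogui, browser-cookie3, psutil) with the severities shown in the sample output; `normalize` applies PEP 503 name normalization so `PyAutoGUI`, `browser_cookie3` and `Browser-Cookie3` all compare equal, which a naive exact-string match misses. The `tomllib`/`tomli` fallback is the one the review below asks for on Python below 3.11; the sample requirements file is constructed for this example.

```python
import re

try:
    import tomllib  # Python 3.11+
except ModuleNotFoundError:  # older interpreters: the tomli backport exposes the same API
    try:
        import tomli as tomllib
    except ModuleNotFoundError:
        tomllib = None

# Watchlist limited to the packages this page names; severities follow the sample output above.
RISKY_PACKAGES = {
    "pyautogui": ("HIGH", "Potential keylogger/screenshot capability"),
    "browser-cookie3": ("HIGH", "Reads browser cookie stores"),
    "psutil": ("MEDIUM", "System access capabilities"),
}
SEVERITY_RANK = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}
# Leading project name of a PEP 508 requirement; extras, specifiers, URLs and markers follow it.
REQ_NAME = re.compile(r"^([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")

def normalize(name):
    """PEP 503 normalization: PyAutoGUI, browser_cookie3 and Browser-Cookie3 compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def requirement_name(spec):
    """Normalized project name from one requirement line, or None if the line names no project."""
    spec = re.sub(r"(^|\s)#.*$", "", spec).strip()  # pip treats '#' after whitespace as a comment
    if not spec or spec.startswith(("-", ".", "/")):
        return None  # blank/comment line, pip option (-r, -e, --index-url), or local path
    if "://" in spec.split("@")[0]:
        return None  # bare URL requirement without a 'name @' prefix
    m = REQ_NAME.match(spec)
    return normalize(m.group(1)) if m else None

def classify(spec, line_no=0):
    """(line, name, severity, reason) when the requirement is on the watchlist, else None."""
    name = requirement_name(spec)
    if name in RISKY_PACKAGES:
        severity, reason = RISKY_PACKAGES[name]
        return (line_no, name, severity, reason)
    return None

def scan_requirements(text):
    hits = (classify(line, n) for n, line in enumerate(text.splitlines(), 1))
    return [h for h in hits if h]

def scan_pyproject(text):
    """Scan [project].dependencies and optional-dependencies; needs tomllib or the tomli backport."""
    if tomllib is None:
        raise RuntimeError("no TOML parser available: use Python 3.11+ or install tomli")
    project = tomllib.loads(text).get("project", {})
    deps = list(project.get("dependencies", []))
    for group in project.get("optional-dependencies", {}).values():
        deps.extend(group)
    return [h for h in (classify(d) for d in deps) if h]

def overall(hits):
    return max((h[2] for h in hits), key=SEVERITY_RANK.__getitem__, default="LOW")

# Constructed sample requirements.txt for this example (not taken from the page).
SAMPLE_REQUIREMENTS = """# pinned deps for a hypothetical skill
click>=8.0
Rich ~= 13.7  # pretty terminal output
PyAutoGUI==0.9.54 ; sys_platform == "win32"
browser_cookie3[secure] @ https://example.invalid/browser_cookie3-0.19.1-py3-none-any.whl
-r dev-requirements.txt
psutil
"""
```

`scan_requirements(SAMPLE_REQUIREMENTS)` flags lines 4, 5 and 7 and ignores the comment, the `-r` include and the differently cased `Rich`; the overall severity is HIGH. Matching on declared dependencies is only a first filter: it says nothing about what an installed package actually does, and a package vendored into the skill directory or installed at runtime never appears in these files.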
Privacy
- Scans run entirely locally; code is never uploaded
- License validation supports an optional offline mode
- No Skill contents or scan results are collected
Support and feedback
- Issues: https://github.com/yourname/clawscan/issues
- Get a License: https://clawscan.dev
- Email: [email protected]
License: MIT (Tool) + Commercial (Premium Features)
Safe usage recommendations
This package appears to implement a local scanner and does not attempt network exfiltration in the included code, but there are notable red flags you should address before installing:
- Dependencies: The code imports click, rich, RestrictedPython, and other libraries, but the registry only lists python3 and pip and provides no install script. Expect to install the required Python packages manually, or expect packaging to fail. Prefer installing in an isolated virtualenv and inspect the packages you install.
- RestrictedPython & dynamic analysis limits: Dynamic tracing runs code in a mock sandbox and purposely refuses to execute code containing constructs like eval/exec or __import__. Malicious code that obfuscates behavior or uses native extensions may evade detection—do not assume a clean scan guarantees safety.
- Metadata inconsistencies: SKILL.md/README include placeholder or mismatched links (e.g., github.com/yourname, clawscan.dev). That could be a sign the project is incomplete or not from a well-maintained upstream. Verify the project homepage and repository history before trusting or paying for 'Premium' features.
- Local writes: The tool will create ~/.clawscan and write license/usage files and can export JSON reports. If you need strict privacy, run scans in an isolated environment and review exported files.
What would raise confidence: an explicit install spec (or pyproject/pip wheel) that lists and installs required Python packages from known sources; consistent, verifiable upstream repository and release artifacts (GitHub releases or PyPI); and clearer handling of RestrictedPython availability and tomllib fallback for Python <3.11.
Functionality analysis
Type: OpenClaw Skill
Name: clawscan-vigil
Version: 0.2.0
The bundle is a security utility designed to perform static and dynamic analysis on other OpenClaw skills to detect malware. It utilizes AST parsing and regex signatures in 'core/static_analyzer.py' to identify risky patterns (e.g., network calls, subprocesses, and crypto-wallet access) and employs a 'RestrictedPython' sandbox in 'core/dynamic_tracer.py' to safely monitor runtime behavior. While the tool includes a license management system ('core/license_manager.py') for a 'Premium' tier, all operations, including scanning and license validation, appear to be performed locally without unauthorized data exfiltration or malicious intent.
Capability assessment
Purpose & Capability
The skill's name and description (local pre-install scanner) align with the code: static_analysis + restricted dynamic execution + a CLI. However the registry metadata only requires 'python3' and 'pip' while the code imports many third-party Python packages (click, rich, RestrictedPython, tomllib (3.11+), etc.). There is no install spec to ensure those dependencies are installed. This mismatch (declaring only binaries but not Python package deps or an install step) is disproportionate and will cause runtime failures or require manual installation by the user.
Instruction Scope
SKILL.md instructs running scans against local Skill directories and claims scans run fully locally with no uploads. The implementation appears consistent: the dynamic tracer uses RestrictedPython and a mock __import__ to avoid executing real network/file operations. Still, dynamic analysis intentionally skips code containing dangerous constructs (eval/exec, __import__, long loops), so it may produce false negatives for obfuscated or highly dynamic malicious code. The scanner also exposes JSON export and batch scanning features (Premium) that will write output files locally—contradicting any absolute claim that 'no results are collected' if the user requests exports.
Install Mechanism
There is no install spec in the registry. The package includes code that depends on multiple Python libraries (click, rich, RestrictedPython, tomllib (py3.11), etc.), but the registry only lists python3 and pip as required binaries. Because the skill doesn't provide an automated install step to install its Python dependencies, installation as-is may fail. Absence of a controlled install step increases friction and the chance users will run ad-hoc pip installs themselves, which expands the attack surface if they use untrusted package sources.
Credentials
The skill does not request environment variables or external credentials. It stores license and usage files under a user directory (~/.clawscan), which is expected for a tool with a local license/quota model. No code paths were found that attempt to exfiltrate code or scanning results externally. Still, the presence of license activation/URLs and multiple placeholder links (e.g., github.com/yourname) is a trust concern: verify the upstream project and URLs before trusting license keys or following external links.
Persistence & Privilege
always:false and normal autonomous invocation are used. The skill creates (and will write) a local config directory (~/.clawscan) and license/usage JSON files, which is reasonable for quota/license bookkeeping. There is no code that modifies other skills or global agent settings. No 'always: true' or elevated system-wide privileges are requested.
How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install clawscan-vigil`
- After installation, call the Skill by name directly or trigger it with `/clawscan-vigil`
- Provide the inputs required by the Skill's parameter description to receive structured output
Version history
v0.2.0
clawscan-vigil 0.2.0
- Major update introducing new CLI and core modules for scanning.
- Added advanced analyzer, batch scanner, dynamic tracer, and risk engine for improved security detection.
- Introduced license management and support for Premium features.
- Added comprehensive documentation and usage guides.
- Improved code structure and maintainability by splitting logic into multiple core components.
v0.1.1
Initial release with Vigil Soul
v0.1.0
Initial release
FAQ
What is Clawscan Vigil?
It scans OpenClaw Skills for security risks before installation, with combined static and dynamic detection to identify malicious code. It is an AI Agent Skill plugin for Claude Code / OpenClaw, downloaded 224 times to date.
How do I install Clawscan Vigil?
Run the command 「/install clawscan-vigil」 in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.
Is Clawscan Vigil free?
Yes, Clawscan Vigil is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.
Which platforms does Clawscan Vigil support?
Clawscan Vigil is cross-platform and runs in any environment where OpenClaw / Claude Code is deployed (linux, macos, windows).
Who developed Clawscan Vigil?
Developed and maintained by jjj09090 (@jjj09090); current version v0.2.0.