davida-ps

picoclaw-self-pen-testing

Author: davida-ps · GitHub ↗ · v0.0.3 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 30
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install clawsec-picoclaw-self-pen-testing
Description
Picoclaw-only local posture-review skill focused on read-only findings and safe operator remediation guidance.
Usage instructions (SKILL.md)

Picoclaw Posture Review (separate package)

Purpose: keep Picoclaw posture-review checks isolated from the broader guardian package so moderation-sensitive checks can be versioned/published independently.

Vercel Skills Installation

Install with the Vercel Skills CLI for this harness:

npx skills add prompt-security/clawsec --skill picoclaw-self-pen-testing -a openclaw -y

Release Artifact Verification

For standalone installs, verify the signed release manifest before trusting SKILL.md, skill.json, or the archive. The skill.json file is the package metadata/SBOM source, and the release pipeline signs checksums.json with the ClawSec release key.

set -euo pipefail

SKILL_NAME="picoclaw-self-pen-testing"
VERSION="0.0.3"
REPO="prompt-security/clawsec"
TAG="${SKILL_NAME}-v${VERSION}"
BASE="https://github.com/${REPO}/releases/download/${TAG}"
ZIP_NAME="${SKILL_NAME}-v${VERSION}.zip"
TMP_DIR="$(mktemp -d)"
trap 'rm -rf "$TMP_DIR"' EXIT

RELEASE_PUBKEY_SHA256="711424e4535f84093fefb024cd1ca4ec87439e53907b305b79a631d5befba9c8"

curl -fsSL "$BASE/checksums.json" -o "$TMP_DIR/checksums.json"
curl -fsSL "$BASE/checksums.sig" -o "$TMP_DIR/checksums.sig"
curl -fsSL "$BASE/signing-public.pem" -o "$TMP_DIR/signing-public.pem"
curl -fsSL "$BASE/$ZIP_NAME" -o "$TMP_DIR/$ZIP_NAME"
curl -fsSL "$BASE/SKILL.md" -o "$TMP_DIR/SKILL.md"
curl -fsSL "$BASE/skill.json" -o "$TMP_DIR/skill.json"

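# SHA-256 of a file, using whichever of shasum / sha256sum is installed.
hash_file() {
  if command -v shasum >/dev/null 2>&1; then
    shasum -a 256 "$1" | awk '{print $1}'
  else
    sha256sum "$1" | awk '{print $1}'
  fi
}

# Pin the signing key: hash its DER encoding and compare with the expected fingerprint.
openssl pkey -pubin -in "$TMP_DIR/signing-public.pem" -outform DER -out "$TMP_DIR/signing-public.der"
ACTUAL_PUBKEY_SHA256="$(hash_file "$TMP_DIR/signing-public.der")"
if [ "$ACTUAL_PUBKEY_SHA256" != "$RELEASE_PUBKEY_SHA256" ]; then
  echo "ERROR: signing-public.pem fingerprint mismatch" >&2
  exit 1
fi

# Verify the detached signature over checksums.json with the pinned key.
# set -e aborts the script if verification fails. -rawin needs OpenSSL 3.0 or later.
openssl base64 -d -A -in "$TMP_DIR/checksums.sig" -out "$TMP_DIR/checksums.sig.bin"
openssl pkeyutl -verify -rawin -pubin \
  -inkey "$TMP_DIR/signing-public.pem" \
  -sigfile "$TMP_DIR/checksums.sig.bin" \
  -in "$TMP_DIR/checksums.json" >/dev/null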

verify_manifest_file() {
  asset="$1"
  path="$2"
  expected="$(jq -r --arg asset "$asset" '.files[$asset].sha256 // empty' "$TMP_DIR/checksums.json")"
  if [ -z "$expected" ]; then
    echo "ERROR: checksums.json missing $asset" >&2
    exit 1
  fi
  actual="$(hash_file "$path")"
  if [ "$actual" != "$expected" ]; then
    echo "ERROR: checksum mismatch for $asset" >&2
    exit 1
  fi
}

expected_archive="$(jq -r '.archive.sha256 // empty' "$TMP_DIR/checksums.json")"
if [ -z "$expected_archive" ]; then
  echo "ERROR: checksums.json missing archive.sha256" >&2
  exit 1
fi
actual_archive="$(hash_file "$TMP_DIR/$ZIP_NAME")"
if [ "$actual_archive" != "$expected_archive" ]; then
  echo "ERROR: archive checksum mismatch" >&2
  exit 1
fi

verify_manifest_file "SKILL.md" "$TMP_DIR/SKILL.md"
verify_manifest_file "skill.json" "$TMP_DIR/skill.json"

echo "Signed release manifest, archive, SKILL.md, and skill.json verified."

Only install or extract the archive after this verification succeeds.

Scope

This skill only performs local, read-only posture-review analysis against an existing Picoclaw posture profile.

It flags:

  • public Web UI exposure
  • disabled UI auth
  • unrestricted workspace/tooling
  • unsigned verification mode
  • MCP trust-boundary review needs
  • scheduler persistence review
  • plaintext secret markers
  • multi-channel auth review
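
An added example, not code from the clawsec project: a read-only check in the spirit of the list above, run over a constructed profile. The profile field names (webUi, workspace, verification, mcpServers, scheduler, channels) are assumptions, since the real Picoclaw posture-profile schema is not shown on this page.

```javascript
// Added example; field names are hypothetical, not Picoclaw's real profile schema.
const SECRET_KEY = /(password|secret|token|api[_-]?key)$/i;
const ENV_REF = /^\$\{?[A-Z_][A-Z0-9_]*\}?$/; // "$VAR" or "${VAR}" is a reference, not a literal

// Return paths of keys that look secret-bearing and hold a literal string.
// Only the path is reported, never the value itself.
function plaintextSecretPaths(node, path = "") {
  if (node === null || typeof node !== "object") return [];
  return Object.entries(node).flatMap(([k, v]) => {
    const p = path ? `${path}.${k}` : k;
    if (typeof v !== "string") return plaintextSecretPaths(v, p);
    return SECRET_KEY.test(k) && v !== "" && !ENV_REF.test(v) ? [p] : [];
  });
}

// Read-only review: inspects the profile and returns findings, changes nothing.
function reviewProfile(profile) {
  const findings = [];
  const add = (id, detail) => findings.push({ id, detail });
  const ui = profile.webUi ?? {};
  const loopback = ["127.0.0.1", "::1", "localhost"];
  if (ui.enabled && !loopback.includes(ui.bind)) add("public-web-ui", `bound to ${ui.bind ?? "unspecified"}`);
  if (ui.enabled && ui.auth === false) add("ui-auth-disabled", "webUi.auth is false");
  if (profile.workspace?.restricted === false) add("unrestricted-workspace", "workspace.restricted is false");
  if (profile.verification?.mode === "unsigned") add("unsigned-verification", "verification.mode is unsigned");
  for (const s of profile.mcpServers ?? []) add("mcp-trust-review", `review MCP server ${s.name}`);
  for (const j of profile.scheduler?.jobs ?? []) add("scheduler-persistence-review", `review job ${j.name}`);
  for (const p of plaintextSecretPaths(profile)) add("plaintext-secret", p);
  const channels = profile.channels ?? [];
  if (channels.length > 1 && channels.some((c) => !c.auth)) add("multi-channel-auth-review", "a channel lacks auth");
  return findings;
}

// Constructed sample profile (not real Picoclaw output).
const sampleProfile = {
  webUi: { enabled: true, bind: "0.0.0.0", auth: false },
  workspace: { restricted: true },
  verification: { mode: "unsigned" },
  mcpServers: [{ name: "files", token: "${FILES_TOKEN}" }],
  scheduler: { jobs: [] },
  channels: [{ name: "cli", auth: true }, { name: "chat", auth: false, apiKey: "constructed-literal" }],
};

console.log(reviewProfile(sampleProfile).map((f) => `${f.id}: ${f.detail}`).join("\n"));
```
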

Usage

node scripts/self_pen_test.mjs --profile ~/.picoclaw/security/clawsec/current-profile.json

Validation

python utils/validate_skill.py skills/picoclaw-self-pen-testing
node skills/picoclaw-self-pen-testing/test/self_pen_test.test.mjs
Security usage advice
Install only if you expect ClawHub/Convex maintainer workflows. Review the moderation and autoreview skills before use because they can guide agents toward admin actions or full-access review tooling, but the artifacts disclose those capabilities and include user-control safeguards.
Capability assessment
Purpose & Capability
The visible skill files describe Convex setup, migration, performance, ClawHub moderation, PR maintenance, and review workflows, and the commands they recommend fit those purposes.
Instruction Scope
Several skills instruct agents to use powerful local or administrative tools, but the instructions include scoping, confirmation, dry-run, verification, and explicit-user-request requirements for sensitive actions.
Install Mechanism
No hidden installer, obfuscated setup, unexpected package installation hook, or persistence mechanism was found in the inspected skill artifacts.
Credentials
The autoreview helper can run nested review tooling with full-access sandbox bypass by default and may run CI/static checks, which is broad but disclosed and aligned with its review-gate purpose.
Persistence & Privilege
The artifacts do not show background persistence, credential harvesting, exfiltration, or privilege escalation; admin/moderation operations are framed as authenticated, audited, and user-confirmed workflows.
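How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install clawsec-picoclaw-self-pen-testing
  3. Once installed, invoke the Skill by name or trigger it with /clawsec-picoclaw-self-pen-testing
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history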
v0.0.3
Release 0.0.3 via CI
Metadata
Slug clawsec-picoclaw-self-pen-testing
Version 0.0.3
License MIT-0
Total installs 0
Current installs 0
Historical versions 1
FAQ

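What is picoclaw-self-pen-testing?

Picoclaw-only local posture-review skill focused on read-only findings and safe operator remediation guidance. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 30 total downloads so far.

How do I install picoclaw-self-pen-testing?

Run the command "/install clawsec-picoclaw-self-pen-testing" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is picoclaw-self-pen-testing free?

Yes, picoclaw-self-pen-testing is completely free and released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does picoclaw-self-pen-testing support?

picoclaw-self-pen-testing is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed picoclaw-self-pen-testing?

It is developed and maintained by davida-ps (@davida-ps); the current version is v0.0.3.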
