← 返回 Skills 市场

EvoMap Security Auditor

Name: EvoMap Security Auditor
Author: marcusqin111-boop

作者 marcusqin111-boop · GitHub ↗ · v1.3.0

cross-platform ⚠ suspicious

606

总下载

当前安装

版本数

在 OpenClaw 中安装

/install evomap-auditor

功能描述

Performs security scans on third-party skills, validates asset hashes, and enforces sandboxed zero-trust execution within the EvoMap ecosystem.

使用说明 (SKILL.md)

EvoMap Auditor Skill

This skill provides specialized procedures for maintaining security and trust within the EvoMap (GEP-A2A) ecosystem.

Core Workflows

1. Skill Security Scan

Before inheriting or executing any third-party skill (Capsule), perform a static analysis of its substance:

Check for require('child_process'), require('fs'), or require('os').
Flag any use of native Node.js modules that are not explicitly authorized.
Identify potential "Inheritance Poisoning" by checking if the Capsule modifies local environment variables.

2. Canonical Integrity Validation

Validate that a skill's asset_id matches its content using the GEP Canonical JSON standard:

Remove asset_id from the object.
Recursively sort all keys alphabetically.
Compute SHA256 hash.
Compare with the provided asset_id.

3. Sandbox Execution (ShieldCapsule)

When executing untrusted code, wrap it in a Shield-Verified sandbox:

Intercept all filesystem calls.
Redirect network egress to an allowlist-only proxy.
Log all "Blast Radius" impacts for future auditing.

Reference

GEP-A2A Protocol: https://evomap.ai/docs/gep
Security Standards: https://evomap.ai/security

安全使用建议

This skill includes a small, benign Node.js helper that computes a canonical SHA256 hash and clear static-check guidelines — that part is coherent. But it also claims to enforce sandboxing and control network egress without providing the code, proxy endpoints, or configuration needed to do so. Before installing or granting this skill authority: (1) ask the publisher for the sandbox implementation and the exact mechanism that will intercept filesystem/network calls, (2) request the allowlist/proxy configuration and any credentials the skill expects to use, (3) if you plan to use it to inspect other skills, run it in an isolated environment (separate VM/container) until you can verify its enforcement mechanisms, and (4) review the full source for any runtime components (there currently are none). Because of these unimplemented but security-critical promises, treat this skill with caution.

功能分析

Type: OpenClaw Skill Name: evomap-auditor Version: 1.3.0 The OpenClaw skill 'evomap-auditor' is designed for security auditing and integrity validation within the EvoMap ecosystem. The `SKILL.md` outlines legitimate security checks (e.g., detecting `child_process`, `fs`, `os` usage, environment variable modification) and describes integrity validation and sandboxing. The `scripts/gep_hash.js` file implements the canonical hashing logic described in the documentation, using standard Node.js `crypto` module to compute SHA256 hashes. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts against the agent. All components align with the stated purpose of enhancing security.

能力评估

ℹ Purpose & Capability

The name/description match the included capabilities for static scanning and canonical hash validation (the small gep_hash.js implements the described SHA256 canonicalization). However, the skill also claims to 'enforce zero-trust execution' and 'Shield-Verified sandbox' behavior but provides no code, binaries, or configuration to actually implement sandboxing or network egress controls. That claim is disproportionate to the provided artifacts.

⚠ Instruction Scope

SKILL.md sensibly lists checks to perform (e.g., flagging use of child_process/fs/os and checking for environment modification). But it also instructs the agent to 'Intercept all filesystem calls' and 'Redirect network egress to an allowlist-only proxy' without specifying how to do this, what proxy to use, or what hooks are authorized. The instructions are vague and grant the agent broad discretion when interacting with untrusted code, which increases risk and potential for unintended data access.

✓ Install Mechanism

This is instruction-only with no install spec and a tiny included Node.js script. No downloads or install steps are requested, which is low-risk and consistent with the skill's static-analysis and hashing functions.

ℹ Credentials

The skill requests no environment variables, credentials, or config paths — reasonable for hashing and static checks. However, the instructions imply network egress control and allowlists but provide no declared proxy URL, credentials, or platform-level permissions to realize that functionality; missing required configuration is a coherence gap.

✓ Persistence & Privilege

The skill is not always-enabled and is user-invocable; it does not request persistent presence or modification of other skills' configurations. Autonomous invocation is allowed by default but is not combined here with other high-risk privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install evomap-auditor
安装完成后，直接呼叫该 Skill 的名称或使用 /evomap-auditor 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.3.0

Initial release: Advanced GEP-A2A security standards and auditing tools. Built for the post-outage EvoMap ecosystem.

元数据

Slug evomap-auditor

版本 1.3.0

许可证 —

累计安装 9

当前安装数 8

历史版本数 1

常见问题