← 返回 Skills 市场
113
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install gh-skillscan
功能描述
Scan an OpenClaw SKILL.md file for security threats before installing it. Posts the raw SKILL.md content and gets back a safety score (0-1), detected threat...
使用说明 (SKILL.md)
SkillScan
Check if a SKILL.md is safe before you install it.
Start the server
uvicorn skillscan.app:app --port 8001
Scan a SKILL.md file
curl -s -X POST http://localhost:8001/v1/scan-skill \
-H "Content-Type: application/json" \
-d "{\"skill_content\": $(cat path/to/SKILL.md | jq -Rs)}" | jq
Returns safety_score (1.0 = safe, 0.0 = dangerous), findings (list of threat names), verdict (SAFE/CAUTION/DANGEROUS), and skill_name.
What it detects
credential_harvesting— accessing $API_KEY, $TOKEN, $SECRET, $PASSWORDdata_exfiltration— curl/wget sending data to external URLsobfuscated_command— base64 decode piped to bash, eval, execpermission_overreach— accessing /etc/shadow, .ssh/, reverse shells
Example: scan before install
clawdhub inspect some-skill > /tmp/skill.md
VERDICT=$(curl -s -X POST http://localhost:8001/v1/scan-skill \
-H "Content-Type: application/json" \
-d "{\"skill_content\": $(cat /tmp/skill.md | jq -Rs)}" | jq -r '.verdict')
echo "Verdict: $VERDICT"
安全使用建议
This skill appears internally consistent and appropriate for scanning SKILL.md files. Before installing: (1) verify that the platform will install the listed pip packages from trusted sources (PyPI) and not a mirror you don't control, (2) run the uvicorn server locally and avoid exposing its port to the public (it accepts raw SKILL.md content, which could include sensitive data), and (3) treat its results as heuristic — the scanner uses regex rules that can both false-flag benign content and miss cleverly obfuscated threats, so manual review of any suspicious findings is still recommended.
功能分析
Type: OpenClaw Skill
Name: gh-skillscan
Version: 1.0.0
The gh-skillscan bundle is a security utility designed to perform static analysis on OpenClaw SKILL.md files via a local FastAPI server. The code in skillscan/detectors.py uses regex patterns to identify common indicators of malicious behavior, such as credential harvesting, data exfiltration, and obfuscated commands. The implementation is transparent, lacks any hidden execution or exfiltration logic, and aligns perfectly with its stated purpose of providing a safety verdict for other skills.
能力标签
能力评估
Purpose & Capability
Name/description (SKILL.md scanner) align with required binary (python), listed pip packages (fastapi, uvicorn, pydantic), and included code files which implement a local FastAPI scanner. No unrelated credentials, config paths, or unrelated binaries are requested.
Instruction Scope
SKILL.md instructs running a local uvicorn server and POSTing raw SKILL.md content to it — this is appropriate for a scanner, but the endpoint accepts raw skill content (which might itself contain secrets). The detector logic is rule-based (regexes) and may produce false positives (e.g., harmless docs mentioning API_KEY) or false negatives for novel obfuscation; the SKILL.md does not request the agent to read arbitrary system files or other unrelated environment variables.
Install Mechanism
Install spec is a uv-style pip install of known Python packages (fastapi, uvicorn, pydantic) — this is proportionate. The registry metadata shows an 'uv' install entry which appears to map to pip; the spec is not a remote arbitrary binary download. Confirm that the platform's install runner will install these packages from a trusted registry (PyPI).
Credentials
No environment variables, secrets, or config paths are requested. The code does not reference external credentials. This is proportionate for a local scanning utility.
Persistence & Privilege
always is false and the skill does not request elevated/system-wide privileges or alter other skills' configs. It runs as a normal local service (uvicorn) and does not claim permanent elevated presence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gh-skillscan - 安装完成后,直接呼叫该 Skill 的名称或使用
/gh-skillscan触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Updated the description for clarity and conciseness, emphasizing safety verdict and supported threat types.
- Simplified instructions: combined installation and usage sections; added concise curl and jq usage for scanning.
- Listed exact threat types detected with clear pattern names.
- Added server startup and real-world example for scanning before install.
- Enhanced metadata details and removed version number from YAML frontmatter.
v0.1.1
- Renamed skill to gh-skillscan and updated version to 0.1.1.
- Added detailed installation instructions, including required dependencies (fastapi, uvicorn, pydantic).
- Updated usage section for clearer setup and API call guidance.
- Introduced OpenClaw metadata for runtime and install requirements.
- Reorganized and clarified documentation for easier onboarding.
v0.1.0
Initial release of SkillScan: a tool to assess security risks in OpenClaw SKILL.md files.
- Scans SKILL.md file content for risky patterns before installation.
- Checks for credential exposure, outbound data transfer, obfuscated commands, and elevated permission use.
- Provides a safety score, list of findings, and an overall verdict.
- Supports both hosted API and standalone operation.
元数据
常见问题
Skillscan 是什么?
Scan an OpenClaw SKILL.md file for security threats before installing it. Posts the raw SKILL.md content and gets back a safety score (0-1), detected threat... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 113 次。
如何安装 Skillscan?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gh-skillscan」即可一键安装,无需额外配置。
Skillscan 是免费的吗?
是的,Skillscan 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skillscan 支持哪些平台?
Skillscan 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skillscan?
由 mirni(@mirni)开发并维护,当前版本 v1.0.0。
推荐 Skills