← 返回 Skills 市场
Security Audit by Jason
作者
ITHACAJASON
· GitHub ↗
· v1.0.0
247
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install jasonlai-security-audit
功能描述
Security audit for external resources (GitHub repos, downloaded skills, files). Detects malicious code, suspicious executables, and content mismatches. Use w...
使用说明 (SKILL.md)
Security Audit Skill
Automated security checks for external resources before execution.
When to Use
✅ ALWAYS use this skill when:
- Cloning any GitHub repository
- Downloading skills or code from the web
- Running external scripts or code
- Installing new tools from untrusted sources
Security Checks
File Type Detection
| File Type | Risk Level | Action |
|---|---|---|
.py, .js, .ts, .go, .rs |
✅ Low | Safe to review |
.md, .txt, .json, .yaml |
✅ Low | Safe to read |
.exe, .bat, .sh, .app, .msi |
🔴 High | Block without review |
| Unknown binary files | 🔴 High | Block without review |
Content Analysis
- Source Code Present: ✅ Pass
- README Matches Content: ✅ Pass
- Suspicious Patterns: Detects:
- Base64 encoded payloads
- Shellcode signatures
- Obfuscated code
- Network connections in scripts
Red Flags
🚨 Immediately alert user if:
- Executable files without source code
- README claims functionality not present in code
- Extremely long text files (> 50KB with single line)
- Encrypted/obfuscated content
- Direct download links in README (not GitHub releases)
Usage
# Audit a directory
cd /path/to/repo
python3 audit.py
# Audit with verbose output
python3 audit.py --verbose
# Export report to file
python3 audit.py --output report.txt
Check Results
✅ Safe
🛡️ Security Audit: PASSED
All checks passed. This resource appears safe to use.
- Source code: Found
- File types: Normal
- Content: Matches description
- No suspicious patterns detected
⚠️ Warning
⚠️ Security Audit: WARNING
Found minor issues that need review:
- Long line in file.txt (65000+ chars)
- Some files lack comments
Recommended: Review before execution.
🚨 Critical
🚨 Security Audit: BLOCKED
Critical security issues detected:
- Executable file: resolver.exe (NO source code)
- Suspicious payload: icon16.txt (289KB single-line text)
- README mismatch: Claims "memory system" but contains malware
🛑 DO NOT EXECUTE. Delete immediately.
Integration with OpenClaw
This skill can be invoked automatically by OpenClaw when:
- Cloning Repos: Runs after
git clone - Downloading Skills: Runs after
clawhub install - Running External Scripts: Runs before execution
To enable automatic auditing, add to your workflow:
# After git clone
git clone \x3Crepo-url> && cd \x3Crepo> && python3 audit.py
# After clawhub install
clawhub install \x3Cskill> && python3 ~/.clawhub/skills/\x3Cskill>/audit.py
Security Best Practices
For Users
- Never run unverified executables
- Always review code before execution
- Check file types in downloaded archives
- Verify repository activity and contributors
- Use virtual environments for testing
For Skill Authors
- Provide source code in clear text
- Include README that matches functionality
- Avoid obfuscation or encryption
- Document dependencies clearly
- Use standard formats (no custom binaries)
False Positives
Some safe projects may trigger warnings:
- Large data files: Legitimate models, datasets
- Minified code: Production JavaScript/CSS
- Compiled modules: Native Python extensions
Review manually before deciding to block.
Reference Cases
ClawIntelligentMemory (2026-03-03)
🚨 BLOCKED: Malware disguised as OpenClaw memory system
Evidence:
- resolver.exe (Windows PE executable, no source)
- icon16.txt (289KB single-line,疑似 shellcode)
- App.bat (launches resolver.exe with payload)
- README claims "memory system", actual content is malware
Action: Deleted immediately
Notes
- This is a basic heuristic check, not a full antivirus
- Always use human judgment for final decisions
- Report false positives to improve detection
- Keep this skill updated with new threat patterns
安全使用建议
This appears to be a local static-audit tool; it's coherent with its description. Before installing or auto-wiring it into workflows: (1) review audit.py yourself so you trust the logic, (2) run it in an isolated environment (VM/container) the first few times, (3) remember it's heuristic-only and can produce false positives (large data files, minified code), and (4) do not rely on it as a sole defense — use it as a pre-check and perform manual review for critical code. If you plan to auto-run it after every git clone, be aware you must add that hook yourself; the skill does not auto-install that behavior.
功能分析
Type: OpenClaw Skill
Name: jasonlai-security-audit
Version: 1.0.0
The skill is a legitimate security auditing tool designed to perform static analysis on directories to detect high-risk file types, suspicious patterns (like long base64 strings or shellcode), and README mismatches. The audit.py script uses standard Python libraries to scan files locally without any network activity, data exfiltration, or unauthorized execution. The instructions in SKILL.md correctly guide the AI agent to use the tool for defensive purposes.
能力评估
Purpose & Capability
Name/description match implementation: the skill includes a Python script (audit.py) that performs static checks, and the only declared requirement is python3. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md instructs running audit.py against a local repo and suggests inserting it into workflows (after git clone / clawhub install). The script scans files recursively in the provided directory for suspicious patterns and large single-line files; it does not attempt to read environment secrets or reach external endpoints. Note: the README/SKILL.md suggests automatic invocation by OpenClaw but the package contains no install hooks — wiring into CI/clone workflows is manual.
Install Mechanism
No install spec; this is instruction + script only. The script is local and there are no downloads or extract steps that would pull arbitrary remote code.
Credentials
The skill requires no environment variables, no credentials, and only needs read access to the scanned directory. No credentials or unrelated external service tokens are requested.
Persistence & Privilege
always is false and the script does not write persistent configuration or modify other skills. It prints reports to stdout / optional output file only. Enabling automatic invocation would be a user action.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install jasonlai-security-audit - 安装完成后,直接呼叫该 Skill 的名称或使用
/jasonlai-security-audit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the security-audit skill.
- Provides automated security checks for external resources such as GitHub repos, downloaded skills, and files.
- Detects malicious code, suspicious executables, obfuscated content, and README/content mismatches.
- Includes clear risk assessment by file type and detailed instructions for use and integration.
- Offers actionable audit results: Safe, Warning, or Critical, with guidance on next steps.
- Designed for integration with OpenClaw workflows and includes best practices for both users and skill authors.
元数据
常见问题
Security Audit by Jason 是什么?
Security audit for external resources (GitHub repos, downloaded skills, files). Detects malicious code, suspicious executables, and content mismatches. Use w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 247 次。
如何安装 Security Audit by Jason?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install jasonlai-security-audit」即可一键安装,无需额外配置。
Security Audit by Jason 是免费的吗?
是的,Security Audit by Jason 完全免费(开源免费),可自由下载、安装和使用。
Security Audit by Jason 支持哪些平台?
Security Audit by Jason 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Security Audit by Jason?
由 ITHACAJASON(@ithacajason)开发并维护,当前版本 v1.0.0。
推荐 Skills