← 返回 Skills 市场
MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘
作者
tsherryyann
· GitHub ↗
· v0.1.1
· MIT-0
98
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install miao-qids
功能描述
量子入侵检测系统技能喵~ 基于经典-量子混合神经网络的入侵检测系统,可以分析网络流量数据(PCAP 文件),检测多种攻击类型,并为每种攻击提供置信度喵~ 提供安全防护建议喵。
安全使用建议
Before installing or running this skill, consider the following: 1) Treat model files (cnn_mtd_final.pth, qnn_model.pkl, or other .pkl/.pth) as untrusted input — loading them uses pickle/torch.load which can execute arbitrary code. Only use models from a trusted source. 2) Inspect skill.py to confirm which host/interface the HTTP server binds to; prefer localhost-only binding and keep allowclients.txt restrictive to avoid exposing the analyzer. 3) Expect outbound network calls to ip-api.com for IP geolocation; if that is undesirable, modify/disable ip_query in code or replace with an offline database. 4) The code will create cache and result directories and save feature .npy files — ensure the cache path is acceptable and does not leak sensitive data. 5) The SKILL.md omitted important dependencies (pyqpanda3, pyvqnet, sklearn). Prepare to install these in a controlled environment (preferably isolated/air-gapped or containerized). 6) Run this skill in a sandboxed environment (VM/container) or with network egress controls until you are comfortable with its behavior, and audit any third-party model files you provide. 7) If you need higher assurance, request full startup script and the untruncated skill.py so you can confirm the server bind address and any remaining endpoints or behaviors.
功能分析
Type: OpenClaw Skill
Name: miao-qids
Version: 0.1.1
The skill implements a complex hybrid classical-quantum intrusion detection system, but it contains several high-risk vulnerabilities and behaviors. It uses 'pickle.load' and 'torch.load' to load model data in 'CNNmodel.py', 'QNNmodel.py', and 'FeatureSelection.py', which are known vectors for Remote Code Execution (RCE) if model files are tampered with. The MCP server in 'skill.py' is an unauthenticated HTTP server that accepts arbitrary file paths ('pcap_path') from POST requests, which could be exploited to process sensitive system files. Additionally, 'skill.py' performs external network requests to 'ip-api.com' to geolocate IP addresses extracted from the analyzed traffic, constituting a potential data leak.
能力标签
能力评估
Purpose & Capability
Name/description claim an IDS that analyzes PCAPs using a hybrid classical/quantum network, which matches the code. However SKILL.md's dependency list omits required quantum libraries (pyqpanda3, pyvqnet) and sklearn components used by FeatureSelection/FileLoader. The code also forces CUDA-related environment choices for PyTorch. These missing/extra requirements are disproportionate to what's declared and can surprise operators.
Instruction Scope
Runtime behavior is largely within the stated purpose (reading PCAP, extracting features, running CNN and QNN inference). But the code performs these additional actions: (1) loads model files with pickle and torch.load (unsafe if model files are untrusted), (2) writes cache and result files to disk, (3) performs external HTTP requests to ip-api.com for IP geolocation, (4) reads allowclients.txt and starts an HTTP MCP service. The pickle/torch deserialization and external network requests expand the data surface beyond simple local analysis.
Install Mechanism
There is no install spec (instruction-only), which limits installer-level risk. However the repository includes code that requires heavy native/third-party packages (PyTorch, scapy, pyqpanda3/pyvqnet, sklearn). The absence of dependency installation guidance for those quantum and sklearn packages is a practical inconsistency (you may fail to run or silently fall back to CPU/CUDA settings).
Credentials
The skill declares no required env vars or credentials (good). Nevertheless it performs network operations (outbound requests to ip-api.com and a UDP connect to 8.8.8.8 to determine local IP), and it enumerates local interfaces (get_if_list/get_if_addr). Those actions are reasonable for geolocation and local-IP logic but are sensitive operations and should be disclosed. Also model loading uses pickle/torch.load which can execute code embedded in model files — requiring trust in model files.
Persistence & Privilege
The skill is not marked always:true. It runs an HTTP server (MCP) and writes cache/result files; by default allowclients.txt contains only 127.0.0.1, but the server binding is not visible in the truncated code. If the server binds to 0.0.0.0 or allowclients is modified, the service could be reachable remotely. No evidence the skill modifies other skills or agent configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install miao-qids - 安装完成后,直接呼叫该 Skill 的名称或使用
/miao-qids触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
基于经典-量子混合神经网络的入侵检测系统
- 支持 PCAP 文件流量分析,检测 8 种攻击类型并输出多类型置信度分布
- 提供基于输出类型的详细安全防护建议和攻击者 IP 归属地自动查询
- 支持 HTTP 接口调用和参数灵活配置
- 支持特征缓存与模型重建误差评估,提升检测效率与结果可靠性
-权重和坐标系文件下载来源:https://gitee.com/TSherry/MiaoQIDS
-使用前先把skill.md以及各py文件里面的有关路径根据自己电脑的情况设置好
-运行时需要电脑管理员权限,若管理员用户没有对应运行库则使用sys.path.append语句把运行库路径添加进去。
元数据
常见问题
MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘 是什么?
量子入侵检测系统技能喵~ 基于经典-量子混合神经网络的入侵检测系统,可以分析网络流量数据(PCAP 文件),检测多种攻击类型,并为每种攻击提供置信度喵~ 提供安全防护建议喵。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 98 次。
如何安装 MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install miao-qids」即可一键安装,无需额外配置。
MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘 是免费的吗?
是的,MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘 支持哪些平台?
MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MiaoQIDS 🛡️量子防火墙-会做pcap文件分析的猫娘?
由 tsherryyann(@tsherryyann)开发并维护,当前版本 v0.1.1。
推荐 Skills