← 返回 Skills 市场
xenofex7

Phishing Reporter

作者 xenofex7 · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ⚠ suspicious
285
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install phishing-reporter
功能描述
Report phishing, malware, and scam URLs to Google Safe Browsing, NCSC (Swiss Cyber Security), and other abuse reporting services. Use when a user shares a su...
安全使用建议
This skill appears to do what it says (automating abuse reports), but be cautious before installing: - Ask the author (or check platform docs) how the 'browser tool (profile: openclaw)' is implemented. If the agent will use an existing browser profile, it could access cookies, active sessions, or saved credentials — prefer an isolated/incognito profile for automation. - The SKILL.md mentions running 'whois' but declares no required binaries; ensure the runtime has whois or accept the web fallback (who.is) and that the agent won't try to execute unexpected shell commands. - The note about reCAPTCHA v3 'usually passes for headless browsers' suggests attempts to automate around CAPTCHA defenses; decide whether you are comfortable with that behavior and check legal/policy implications. - If you plan to enable autonomous invocation, restrict scope or test in a controlled environment first. If possible, request from the author a clear statement that no personal data or credentials will be used during automation and that automation runs in a fresh browser context.
功能分析
Type: OpenClaw Skill Name: phishing-reporter Version: 1.1.0 The phishing-reporter skill is designed to help users report malicious URLs to legitimate security authorities such as Google Safe Browsing and the Swiss National Cyber Security Centre (NCSC). The instructions in SKILL.md and references/services.md provide clear, automated workflows for interacting with official reporting forms and chat wizards, with no evidence of data exfiltration, malicious execution, or prompt injection.
能力评估
Purpose & Capability
The name and description (report phishing URLs to abuse services) match the SKILL.md: it lists Google Safe Browsing, NCSC, registrars, and other reporting endpoints and gives step-by-step browser automation instructions. Minor mismatch: SKILL.md suggests running 'whois <domain>' or using who.is, but the skill declares no required binaries — the author assumes platform tools exist.
Instruction Scope
Instructions rely on browser automation with a specific profile ('openclaw') which could give access to cookies, stored sessions, or other browser state if implemented literally; the skill does not describe isolating the automation (incognito/clean profile). It also notes that reCAPTCHA v3 'usually passes for headless browsers' — wording that implies attempting automated CAPTCHA bypass, which is sensitive and may conflict with site policies or create abuse risk. Otherwise instructions stay within the stated reporting purpose and do not ask to read unrelated files or env vars.
Install Mechanism
No install spec and no code files (instruction-only). This is lowest-risk from an install/execution standpoint — nothing will be downloaded or written by the skill itself.
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, it does rely on platform capabilities (a browser automation tool and optionally the 'whois' binary) without declaring them; use of a named browser profile is a privacy/credential risk that isn't justified or explained in the SKILL.md.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent presence or claim to modify other skills or system-wide settings. Autonomous invocation is enabled by default but not by itself a red flag here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install phishing-reporter
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /phishing-reporter 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Added NCSC Switzerland (chat wizard workflow + direct path URLs), domain registrar reporting, expanded services reference
v1.0.0
Initial release: Report phishing URLs to Google Safe Browsing via browser automation
元数据
Slug phishing-reporter
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Phishing Reporter 是什么?

Report phishing, malware, and scam URLs to Google Safe Browsing, NCSC (Swiss Cyber Security), and other abuse reporting services. Use when a user shares a su... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 285 次。

如何安装 Phishing Reporter?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install phishing-reporter」即可一键安装,无需额外配置。

Phishing Reporter 是免费的吗?

是的,Phishing Reporter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Phishing Reporter 支持哪些平台?

Phishing Reporter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Phishing Reporter?

由 xenofex7(@xenofex7)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论