← 返回 Skills 市场
Pre-installation Security Check
作者
marianachow0321
· GitHub ↗
· v1.0.1
· MIT-0
121
总下载
1
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install preinstall-security-check
功能描述
Pre-installation security assessment for ClawHub skills. Run before any skill install.
安全使用建议
This skill appears to implement a reasonable pre-install security workflow, but there are unresolved inconsistencies you should address before trusting it: 1) The README references CLI wrapper/setup scripts to enforce checks, but those scripts are not included — ask the author why and request the wrapper code if you expect CLI-level enforcement. 2) Because the skill can spawn sub-agents and run 'openclaw skill install' inside them, confirm how your agent platform sandboxes sub-agents and whether those sub-agents truly isolate network, credentials, and persistent storage. 3) Review the upstream GitHub repo (the skill will fetch metadata) yourself before approving any automatic install; verify stars, recent commits, and look for the missing scripts. 4) Prefer to run the first few checks manually or in a tightly controlled environment (throwaway account or VM) until you confirm the tool's behavior. If you plan to allow autonomous invocation, require higher trust (e.g., verified org, included wrapper code, or an explicit manual review) before giving it free rein.
功能分析
Type: OpenClaw Skill
Name: preinstall-security-check
Version: 1.0.1
This skill functions as a security shim that intercepts 'install' commands to perform risk scoring and sandbox analysis. While the stated intent is protective, it exhibits high-risk behavior by spawning sub-agents to execute third-party code during analysis and referencing missing CLI enforcement scripts (scripts/setup-cli-enforcement.sh) designed to intercept terminal commands. The sandbox procedure in references/sandbox-procedure.md requires installing the target skill to analyze it, which could lead to unintended execution if the platform's sub-agent isolation is bypassed.
能力评估
Purpose & Capability
The name/description (pre-install security check) match the runtime instructions (fetch metadata, score, optionally spawn a sandbox sub-agent and report). However README and SKILL.md claim additional CLI-level enforcement via scripts (scripts/openclaw-security-wrapper.sh and setup-cli-enforcement.sh) that are referenced in documentation but are not present in the shipped file manifest — this mismatch is unexplained and reduces trust.
Instruction Scope
SKILL.md instructs the agent to fetch ClawHub/GitHub metadata, compute risk, and (when appropriate) spawn an isolated sub-agent to run 'openclaw skill install' and grep the installed files for risky patterns. Those actions are within the stated purpose, but two issues stand out: (1) the sub-agent will execute 'openclaw skill install' automatically in sandboxed context — if the parent agent invokes this skill autonomously it may trigger installs inside subagents without obvious user-visible steps; (2) SKILL.md asserts 'Security check cannot be skipped or bypassed', yet the README admits users can bypass via terminal and references wrapper scripts that are not included. The combination of claimed enforcement and missing enforcement artifacts is concerning.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute on the host. That minimizes direct installation risk; there are no download URLs or extract operations in the bundle.
Credentials
The skill declares no required environment variables, binaries, or config paths. The sandbox grep looks for references to common credential paths (e.g., ~/.ssh, ~/.aws) but it does not request credentials itself. Requested privileges are therefore proportionate to the stated purpose.
Persistence & Privilege
always:false and disable-model-invocation:false (defaults) are appropriate. However, the skill's ability to spawn sub-agents and run an install workflow means an agent could perform sandbox tests (and in-subagent installs) autonomously if it chooses to invoke this skill — this increases blast radius relative to a purely manual check. The missing CLI wrapper (referenced as preventing bypass) would have introduced more persistence; its absence reduces but does not eliminate risk.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install preinstall-security-check - 安装完成后,直接呼叫该 Skill 的名称或使用
/preinstall-security-check触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Removed internal reference documentation and helper scripts no longer needed for runtime use.
- Skill functionality and user workflow remain unchanged.
v1.0.0
Initial release of ClawHub Security Check – a mandatory pre-install security assessment for ClawHub skills.
- Performs automated risk assessment before any skill installation.
- Fetches skill details from ClawHub and GitHub to determine author, activity, and trust indicators.
- Calculates a risk score (0–100) with clear thresholds for approval, sandboxing, or rejection.
- Optionally runs an isolated sandbox analysis for moderate/high-risk or unknown skills.
- Generates a structured security report with verdict and recommendations.
- Requires explicit user confirmation before installation; does not allow bypassing security checks.
元数据
常见问题
Pre-installation Security Check 是什么?
Pre-installation security assessment for ClawHub skills. Run before any skill install. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 121 次。
如何安装 Pre-installation Security Check?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install preinstall-security-check」即可一键安装,无需额外配置。
Pre-installation Security Check 是免费的吗?
是的,Pre-installation Security Check 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Pre-installation Security Check 支持哪些平台?
Pre-installation Security Check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Pre-installation Security Check?
由 marianachow0321(@marianachow0321)开发并维护,当前版本 v1.0.1。
推荐 Skills