nirhalfon

Malware Analyst

Author: nirhalfon · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 172
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install remnux-malware-triage
Description
perform concise malware triage, focused IOC extraction, infrastructure hunting, and markdown report writing on remnux when the user supplies a suspicious fil...
Safe usage recommendations
This skill appears to be what it claims: a REMnux-focused triage helper that reads user-supplied samples and writes a concise markdown report. Before installing or invoking it, verify: 1) you will run it in a REMnux environment (or equivalent) that provides the analysis tools it expects; 2) you are comfortable letting the agent access only the specific files/attachments you supply (don't give unrelated sensitive paths); 3) the report output path (/home/remnux/files/output) is acceptable and writable; and 4) you explicitly approve any dynamic execution or external submissions — the skill says it will not perform those without your consent. If you need stricter guarantees, ask the skill owner for an explicit list of required binaries and permission boundaries.
Functional analysis
Type: OpenClaw Skill
Name: remnux-malware-triage
Version: 1.0.0
The remnux-malware-triage skill bundle is a legitimate toolset designed for structured malware analysis and triage on a REMnux environment. The instructions in SKILL.md and references/triage-playbook.md emphasize safety, such as defanging network indicators, treating sample content as hostile, and requiring explicit user consent before performing dynamic analysis. The workflow is well-defined, focusing on local file analysis and reporting to a specific output directory (/home/remnux/files/output) without any indicators of malicious intent or data exfiltration.
Capability assessment
Purpose & Capability
Name/description promise (REMnux triage, IOC extraction, concise reports) matches the SKILL.md and reference documents. The skill does not request unrelated credentials, system paths, or exotic installs — it expects a REMnux analysis environment and stays focused on triage tasks.
Instruction Scope
SKILL.md instructs the agent to read user-supplied files/attachments, compute hashes, inventory archives, and write a markdown report. This is appropriate for triage, but it assumes the platform will provide access to attachments and that writing to /home/remnux/files/output is allowed. The skill explicitly forbids dynamic execution or external submission unless the user requests it, which limits scope creep.
Install Mechanism
No install specification or external downloads — instruction-only skill. This minimizes installation risk; it relies on the host REMnux toolchain but does not attempt to fetch or execute third-party code.
Credentials
The skill requests no environment variables or credentials, which is proportionate. One caveat: it implicitly expects REMnux tooling to be present (e.g., hashing, static-analysis tools) but does not declare required binaries; users should ensure the execution environment actually provides those tools.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges. It does write reports to a fixed path (/home/remnux/files/output), which is reasonable for its purpose but should be confirmed by the user.
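How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install remnux-malware-triage
  3. Once installation completes, invoke the Skill by name or trigger it with /remnux-malware-triage
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output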
Version history
v1.0.0
remnux-malware-triage 1.0.0 – Initial release
- Provides triage-first malware analysis on REMnux, focused on identifying primary payloads, extracting IOCs, and tracing infrastructure.
- Supports intake from file paths, hashes, or chat attachments and emphasizes correct artifact scoping.
- Follows a first-pass static analysis approach, escalating only if deeper investigation is justified or requested.
- Separates observed vs inferred indicators and clearly distinguishes unconfirmed IOCs.
- Outputs concise chat summaries and structured markdown reports to a dedicated output directory.
Metadata
Slug remnux-malware-triage
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Number of versions 1
FAQ

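What is Malware Analyst?

perform concise malware triage, focused IOC extraction, infrastructure hunting, and markdown report writing on remnux when the user supplies a suspicious fil... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 172 total downloads to date.

How do I install Malware Analyst?

Run the command "/install remnux-malware-triage" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is Malware Analyst free?

Yes, Malware Analyst is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Malware Analyst support?

Malware Analyst runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Malware Analyst?

It is developed and maintained by nirhalfon (@nirhalfon); the current version is v1.0.0.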
