← 返回 Skills 市场
Secucheck
作者
Joonyoung Park
· GitHub ↗
· v2.8.0
3239
总下载
4
收藏
1
当前安装
15
版本数
在 OpenClaw 中安装
/install secucheck
功能描述
Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports.
安全使用建议
What to check before installing or running secucheck:
1) Inspect scripts before execution — open scripts/full_audit.sh, serve_dashboard.sh, and all gather_*.sh to verify they only run read-only commands (ip/ss/netstat, reading ~/.openclaw config, etc.). Look specifically for network download commands (curl/wget), encoded payloads (base64, xxd), or destructive commands (rm -rf, dd, mkfs).
2) Confirm the dashboard binding behavior — examine serve_dashboard.sh to see which address it binds to (localhost vs 0.0.0.0 vs specific LAN IP) and which port it uses. If it binds to non-localhost, consider changing it to localhost or running it inside an isolated container/VM.
3) Review SKILL.md prompt text for the injection phrases flagged; remove or sanitize any language that could be interpreted by the agent as instruction overrides. Treat any embedded 'you are now' / 'ignore previous' style phrases as suspicious.
4) Run the skill in an isolated environment first (container or throwaway VM) and with no elevated privileges. Do not run it as root; the checks themselves warn of high risk when OpenClaw runs as root. Prefer a non-root account with read-only access to the OpenClaw config copy.
5) Verify provenance and metadata — the package has no homepage and source is unknown; confirm the author and repository, and resolve the internal version mismatch before trusting it in production.
6) If you want the report accessible remotely, explicitly consent and secure it (HTTPS, auth, or Tailscale). Avoid automatically advertising a LAN URL to users/devices that shouldn't access it.
If you are unsure, mark this skill as untrusted until a manual code review is completed or ask the author for a signed release/source repository. Running audits is reasonable, but the mismatches and prompt-injection indicators mean you should not run this skill unattended on sensitive systems.
功能分析
Type: OpenClaw Skill
Name: secucheck
Version: 2.8.0
The skill is designed for security auditing, requiring broad permissions. It declares `exec: true` in `skill.json` and uses it across multiple scripts to run system commands, including `sudo` for privilege checks. The `serve_dashboard.sh` script starts a Python HTTP server bound to `0.0.0.0` on port 8766, making the generated report accessible on the local network. While these capabilities are plausibly needed for a comprehensive security audit and the skill includes safeguards like redacting sensitive data and requiring explicit user confirmation for fixes, the presence of such high-risk capabilities without clear malicious intent falls under the 'suspicious' classification as per the defined threshold.
能力评估
Purpose & Capability
Name/description claim a read-only security auditor — that aligns with the included checks and dashboard. However the SKILL.md and scripts clearly read local OpenClaw config and runtime state (e.g. ~/.openclaw, network interfaces), yet the registry metadata declares no required config paths or credentials. Also _meta.json version (2.7.0) inside the package does not match registry metadata (2.8.0). These mismatches reduce traceability and make it harder to confirm the skill's provenance.
Instruction Scope
Agent instructions run a packaged full_audit.sh and then serve a dashboard using serve_dashboard.sh. The SKILL.md explicitly instructs using the LAN-accessible `url` (not localhost) when reporting the dashboard. That encourages exposing an HTML report to the local network. The SKILL.md also declares auto-trigger conditions (on skill install / agent/crons changes). Prompt-injection patterns were detected inside SKILL.md, indicating the skill text may contain phrases meant to override or manipulate the agent's normal instruction handling. All of this expands the runtime scope beyond a simple, passive audit.
Install Mechanism
No external install/download steps — scripts and templates are bundled with the skill. No network-install URLs or extract operations in the manifest were found. That reduces supply-chain risk compared with remote downloads.
Credentials
The skill declares no required env vars or config paths, but its checks and scripts are explicitly intended to read OpenClaw configuration, session directories, network interfaces, and credential locations (e.g. ~/.openclaw paths referenced in the documentation). That is a mismatch: the skill will access potentially sensitive local files without having them declared in metadata. The README/checks also suggest reading tokens and credential files for permission checks, which is reasonable for an auditor but should be explicit in metadata and user consent.
Persistence & Privilege
The package metadata does not request always:true and doesn't declare persistent system changes; the skill claims 'read-only' and 'never modifies configuration automatically'. However SKILL.md instructs auto-triggering on events (skill install, agent changes, cron changes) and to automatically start a local server and report a LAN IP. Autonomous invocation is allowed (default) — combined with the auto-trigger behavior and LAN-serving dashboard, this increases the practical blast radius if misused. No direct evidence of modifying other skills or system-wide settings was found.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install secucheck - 安装完成后,直接呼叫该 Skill 的名称或使用
/secucheck触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.8.0
secucheck 2.8.0
- Improved handling and documentation for failed security checks by adding platform-specific fallback commands.
- Enhanced cross-platform compatibility with clearer instructions for Linux, macOS, WSL, Windows, and DSM environments.
- Expanded agent instructions on fallback procedures for minimal environments and missing tools.
- Documentation updates in SKILL.md for platform detection fields and fallback workflow.
- No core features changed; this is a workflow and documentation enhancement release.
v2.7.1
Fix: Use LAN IP instead of localhost for dashboard URL guidance
v2.7.0
Dashboard v2: Inter + JetBrains Mono fonts, larger text (16px base), working expand/collapse with arrow indicator, professional security aesthetic, fixed ClawHub link.
v2.6.0
Simplified dashboard: Clean monochrome dark theme, no gradients/animations. Localized templates (ko, en, ja, zh). Professional security aesthetic.
v2.5.0
Dashboard redesign: Modern dark theme with gradients, better typography, Info count added, improved mobile layout, animated score circle, color-coded finding items.
v2.4.0
Dashboard now uses full_audit.sh output directly. Findings synchronized between text report and dashboard. Category-based sections with proper severity badges.
v2.3.2
Dashboard now returns local IP URL for remote access (not just localhost).
v2.3.1
Report format: Organize findings by category (Runtime, Agents, Workspace, Skills, Channels, Network). Auto-open dashboard after text report.
v2.3.0
Enhanced agent analysis: Scans SOUL.md files for risky patterns, checks agent directory permissions, scans AGENTS.md for security-relevant patterns (exec, sudo, automation). Workspace file inventory added.
v2.2.0
Cross-platform support: Linux, macOS, WSL, DSM, Windows. Added OS detection (os_variant, in_wsl, in_dsm). Failed checks tracking with fallback commands guide. Agent can supplement with platform-specific commands.
v2.1.9
Fixed: Use bash explicitly for script calls. ClawHub strips executable permissions during publish/install.
v2.1.8
Added YAML frontmatter with summary for ClawHub display. All internal processing in English, localized final reports only.
v2.1.7
All internal processing in English. Added Summary section, Trust Hierarchy, Incident Response reference, Security Assessment Questions. Localized output only for final user-facing report.
v1.1.0
Added runtime checks, dashboard support, full_audit script
v1.0.0
Initial release of secucheck: OpenClaw Security Audit skill.
- Provides comprehensive security checks for channels, agents, cron jobs, skills, sessions, network, and runtime environment.
- Supports 3 explanation levels (beginner, intermediate, expert) with tailored outputs in Korean and English.
- Offers visual HTML dashboard reports and direct browser viewing.
- Auto-triggers security reviews on skill/agent/cron job changes.
- Includes risk analysis matrix, context-aware exceptions, and clear, user-confirmed remediation guidance.
- Advanced finding formatting and scenario-based explanations.
元数据
常见问题
Secucheck 是什么?
Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3239 次。
如何安装 Secucheck?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install secucheck」即可一键安装,无需额外配置。
Secucheck 是免费的吗?
是的,Secucheck 完全免费(开源免费),可自由下载、安装和使用。
Secucheck 支持哪些平台?
Secucheck 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Secucheck?
由 Joonyoung Park(@jooneyp)开发并维护,当前版本 v2.8.0。
推荐 Skills