Secure Storage

AES 加密存储，用于安全保存 API 密钥等敏感信息

This skill implements local encrypted storage but is misleading and not safe for high-value secrets as-is. Key issues to consider before installing or using: 1) SKILL.md claims the encryption key comes from an environment variable, but the script ignores env vars and uses a hardcoded SIMPLE_KEY ('openclaw-secure-storage-v1') with a static salt — an attacker who obtains the repo can decrypt stored values. 2) The code uses a simple AES-256-CBC scheme with a static salt and no authentication (no AES-GCM or HMAC), which is not production-grade. 3) The documented filename ('.secure-storage.json') differs from the actual path the script writes to ('$HOME/.openclaw/workspace/memory/secure-storage.json'), which could cause surprise or data scattering. 4) Although the file is written with 0600, anyone with filesystem access to your HOME can read it; do not store high-value secrets (root-level AWS keys, production tokens) without stronger protections. Recommended actions: do not rely on this for critical secrets; ask the author to (a) actually read the encryption key from a required env var and declare it in metadata, (b) use a well-reviewed authenticated encryption scheme (e.g., AES-GCM or use OS keychain/KMS), (c) use a proper per-secret salt/IV/key derivation and not a hardcoded salt or key, (d) fix documentation to match actual storage path, and (e) consider storing secrets in the OS keyring or cloud KMS instead. If you still want to use it for low-value items, review and run the script in an isolated environment and consider modifying it to accept and require a real secret (from env) and to use authenticated encryption.

Type: OpenClaw Skill Name: secure-storage Version: 1.0.1 The skill provides a local key-value store claiming to be 'secure,' but it contains a critical vulnerability: the encryption key and salt are hardcoded in `scripts/secure-storage.js` (`SIMPLE_KEY` and 'salt'), making the encryption trivial to bypass. Furthermore, there is a discrepancy between the code and `SKILL.md`, which falsely claims the encryption key is read from environment variables. While no evidence of intentional data exfiltration or malicious execution was found, the weak cryptographic implementation poses a significant risk for storing sensitive information.