← 返回 Skills 市场
rhombusmaximus

security-sweep

作者 RhombusMaximus · GitHub ↗ · v1.1.2 · MIT-0
cross-platform ⚠ suspicious
136
总下载
0
收藏
0
当前安装
6
版本数
在 OpenClaw 中安装
/install security-sweep
功能描述
Security scanner for OpenClaw skills and plugins. Scans for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, and network egress. Use w...
安全使用建议
This skill appears to be a real scanner, but take care before running it on sensitive or third‑party code. Actions to take before using: - Inspect the scripts yourself (full-scan.sh, skill-scan.sh, quick-scan.sh) and confirm you understand what they will read and where they will write. - Do NOT use --encrypt-found on code you do not control. The feature uploads encrypted blobs to your Notion account (client-side encrypted), which still transmits ciphertext to a cloud service. - If you plan to use the Notion flow, verify the local notion-secrets.js tool is trusted and audited; store NOTION_MASTER_PASSWORD only in a secure place (and prefer interactive invocation rather than putting secrets into long-lived CI variables unless you accept the risk). - Be aware the scripts call npm audit and expect node/npm present; run them in an environment where those tools exist and where running npm audit (and potential network calls) is acceptable. - The SKILL.md suggests adding a cron job and storing report paths in agent memory — only enable that if you want periodic autonomous scans and you accept reports and their locations being recorded by the agent. If you are unsure, run scans in a disposable/isolated environment (or on a copy of the workspace) and avoid the encrypt-to-Notion and cron automation features until you’ve validated the tooling and secrets flow.
功能分析
Type: OpenClaw Skill Name: security-sweep Version: 1.1.2 The 'security-sweep' skill is classified as suspicious due to a feature in `scripts/full-scan.sh` that allows for the exfiltration of discovered secrets to a remote Notion workspace via the `--encrypt-found` flag. While documented as a secure storage option in `README.md` and `references/notion-encryption.md`, this capability programmatically collects and transmits sensitive credentials (API keys, tokens) to an external service. The reliance on an external, unprovided script (`~/.openclaw/scripts/notion-secrets.js`) and the requirement for a `NOTION_MASTER_PASSWORD` environment variable create a high-risk path for sensitive data handling that lacks transparency and could be abused for unauthorized data exfiltration.
能力评估
Purpose & Capability
The name/description match the included scripts: the code is a scanner for hardcoded secrets, exec/eval patterns, npm audit and network egress. That capability is coherent with the stated purpose. However the skill advertises an optional 'auto-encrypt to Notion' feature and references a local helper (notion-secrets.js) and NOTION_MASTER_PASSWORD, yet the skill metadata declares no required environment variables or credentials — a mismatch that needs explanation.
Instruction Scope
The SKILL.md and scripts instruct the agent/user to scan both workspace and built-in skill dirs (including a brew Cellar path). They also recommend an --encrypt-found path that will call a local notion-secrets.js to push encrypted blobs to Notion, and they suggest adding a cron job that schedules periodic scans and writes the report path into agent memory. These behaviors go beyond simple read-only scanning: they involve uploading findings (even if encrypted) to a cloud service and scheduling autonomous runs that can persist report locations in memory. The instructions do not clearly restrict use to only user-controlled repos and explicitly warn against using encrypt on third-party skills — but that warning is a manual step and easy to miss.
Install Mechanism
There is no install spec (instruction-only + bundled scripts), which keeps install risk low. However the scripts assume presence of system tools (grep, bash, mktemp), node and npm (they call node and npm audit), and brew is referenced in SKILL.md; none of these binaries or platform assumptions are declared in metadata. That's a minor coherence gap to surface to users.
Credentials
The code and docs reference NOTION_MASTER_PASSWORD and expect a local helper (~/.openclaw/scripts/notion-secrets.js) and a Notion integration token; yet the skill metadata lists no required env vars or credentials. Uploading found secrets to Notion (even encrypted) and requiring a master password are sensitive operations and should be explicitly declared. The number and sensitivity of these implicit secrets (Notion API token + master password) are disproportionate relative to a simple scanner unless the user explicitly opts into the Notion storage workflow.
Persistence & Privilege
The skill is not force-enabled (always: false). It does, however, include instructions to schedule periodic scans via an openclaw cron add command and to save report paths into agent memory. Scheduling autonomous periodic scans and storing report locations increases the blast radius if misused, but these actions are optional and explicit in SKILL.md. Combine this with the Notion upload flow and undeclared env use for greater caution.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install security-sweep
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /security-sweep 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.2
Fix set -u crash: scan_skill output now captured via tail -1 to isolate return values from progress printf. Fixes unbound variable error on command-center and other complex skills.
v1.1.1
Fix bash arithmetic crash on skill names with hyphens. Add missing skill-scan.sh and npm-audit.sh scripts. Fix false positive secret scanner results on .md files and tests/. Tighten secret regex to match only key=value patterns. Update stale version in SKILL.md.
v1.1.0
**Notion secrets usage instructions clarified and expanded.** - Updated secret storage workflow to require NOTION_MASTER_PASSWORD for scripting. - Added instructions for retrieving encrypted blobs with a new `get` command. - Clarified which commands need or do not need the master password. - No functional security-sweep scanner changes; documentation improvement only. - Version in SKILL.md not changed (remains 1.0.1 despite documentation update).
v1.0.2
- Added detailed warnings and documentation to the SKILL.md section on secret encryption, including implications of using the --encrypt-found flag and the importance of securely storing the master password. - No changes to core functionality; updates are limited to documentation for improved user safety and clarity. - Version field in SKILL.md set to 1.0.1 (note: version file and release tag remain 1.0.2).
v1.0.1
- Added auto-encryption of detected secrets to Notion using the user's encrypted secrets store; plain-text secrets are never stored. - Updated the documentation with setup and usage instructions for Notion-based secret storage and encryption. - Added README.md and references/notion-encryption.md with guidance for Notion encryption. - Removed quick-scan.sh script; quick scans are now referenced in documentation but not included as a script. - Revised risk categories and publishing checklist to include encryption requirement and improved security workflow.
v1.0.0
- Initial release of the security-sweep skill for OpenClaw. - Scans skills/plugins for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, potential network egress, and input injection risks. - Provides workflows for full, quick, single-skill, and npm audit scans. - Categorizes findings by severity with recommended actions for each risk level. - Generates and saves detailed security reports; supports periodic scanning via cron. - Includes best practices for auditing and publishing skills to ClawHub.
元数据
Slug security-sweep
版本 1.1.2
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 6
常见问题

security-sweep 是什么?

Security scanner for OpenClaw skills and plugins. Scans for hardcoded secrets, dangerous exec patterns, dependency vulnerabilities, and network egress. Use w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 136 次。

如何安装 security-sweep?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install security-sweep」即可一键安装,无需额外配置。

security-sweep 是免费的吗?

是的,security-sweep 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

security-sweep 支持哪些平台?

security-sweep 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 security-sweep?

由 RhombusMaximus(@rhombusmaximus)开发并维护,当前版本 v1.1.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论