Skill Auditor in Sandbox
Author: freecodewu · GitHub · v1.0.3 · MIT-0
Total downloads: 85
Favorites: 0
Current installs: 0
Versions: 4
Install in OpenClaw
/install skill-auditor-in-sandbox
Description
Launch a NovitaClaw (OpenClaw) sandbox, install a specified skill, and generate an installation & security audit report. Use when: (1) You want to test a com...
Security Usage Recommendations
This skill mostly does what it claims, but proceed cautiously. Before installing or running: (1) verify the upstream repository (https://github.com/freecodewu/skill-auditor-in-sandbox) and the novitaclaw install script contents; (2) confirm NOVITA_API_KEY usage and limit its scope if possible; (3) review the two scripts locally — the audit script intentionally obfuscates patterns to avoid static scanners and will capture and include full text of many files (which can leak secrets); (4) run the tool only against untrusted skills inside an isolated Novita sandbox (do not use a production account or high-privilege API key); (5) consider modifying the audit script to avoid exporting sensitive files and to log findings without dumping entire file contents; (6) because the metadata does not declare required env vars, expect to supply SANDBOX_ID and NOVITA_API_KEY manually and verify these prompts before use.
Functional Analysis
Type: OpenClaw Skill
Name: skill-auditor-in-sandbox
Version: 1.0.3
The skill-auditor-in-sandbox bundle is a security tool designed to test and audit other OpenClaw skills within an isolated NovitaClaw sandbox. It includes scripts (install-skill.mjs and audit-skill.mjs) that automate the process of launching a sandbox, installing a target skill from GitHub or ClawHub, and scanning for suspicious patterns like shell execution, network calls, and sensitive file access. The code implements input validation for skill names to prevent command injection and uses sandboxing to protect the host environment. While it uses string concatenation for its search patterns (e.g., 'sub' + 'process') to avoid self-detection by static scanners, this is a standard practice for security auditing tools and does not indicate malicious intent.
Capability Assessment
Purpose & Capability
The SKILL.md and included scripts clearly require a Novita API key, a SANDBOX_ID, the novitaclaw CLI, and the novita-sandbox package — but the registry metadata lists no required env vars or binaries. Requesting a Novita API key is coherent with launching NovitaClaw sandboxes, but the metadata omission is an inconsistency that could mislead users about what access the skill needs.
Instruction Scope
The runtime instructions and scripts perform broad inspections: they grep for risky tokens, enumerate URLs, list external path references, and read and output full text contents of many file types from the installed skill. Emitting full fileContents in the report could reveal secrets embedded in the audited repo. The audit script also builds grep patterns by concatenating string fragments and documents that it does so to 'avoid triggering static scanners' — that deliberate obfuscation is unexpected for a security tool and is a red flag.
Install Mechanism
There is no registry install spec (instruction-only), but package.json declares a dependency on 'novita-sandbox' and SKILL.md suggests installing the novitaclaw CLI via curl | bash. The user-run curl|bash instruction pulls a script from a remote host (novitaclaw.novita.ai); downloading/executing a remote install script has higher risk and should be verified. The included scripts run git clones of arbitrary repos into the sandbox (expected for a tester), but that behavior amplifies the need for isolation and scrutiny.
Credentials
The scripts require SANDBOX_ID, NOVITA_API_KEY and SKILL_NAME (and SKILL.md asks users to set NOVITA_API_KEY), which are proportionate to launching and managing a Novita sandbox — however these env vars are not declared in the registry metadata. The audit script also reads and outputs package/requirements files and arbitrary text files from the installed skill, which can expose sensitive data if present in the scanned repo. The skill requests more sensitive inputs than the metadata indicates.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide agent settings. It executes its actions inside a Novita sandbox via the novita-sandbox API rather than on the host (as intended). Note: the skill can be invoked autonomously by the agent (default), which combined with other concerns increases blast radius — but autonomous invocation alone is not a reason to block.
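How to Use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install skill-auditor-in-sandbox
- Once installation completes, invoke the Skill by name or use /skill-auditor-in-sandbox to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output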
Version History
v1.0.3
Version 1.0.3 of skill-auditor-in-sandbox
- No file changes detected.
- Documentation and functionality remain unchanged from the previous version.
v1.0.2
No code or documentation changes detected in this release.
- Version bump to 1.0.2
- No functional or documentation updates included
- Existing features and instructions remain unchanged
v1.0.1
- Updated documentation links from novitaclaw.novita.ai to novita.ai/docs/guides/novitaclaw.
- Security audit documentation improved: clarified suspicious code examples and external path references.
- Report workflow change: after generating a report, the sandbox is now automatically paused to save costs, and the user is informed how to resume or stop it.
- Minor clarifications to risk assessment criteria and report structure.
- No file/code changes other than SKILL.md documentation updates.
v1.0.0
Initial release. Launch NovitaClaw sandbox, install skill from ClawHub/GitHub, run security audit (suspicious patterns, URLs, external paths, dependencies), and generate risk assessment report (LOW/MEDIUM/HIGH/CRITICAL).
FAQ
What is Skill Auditor in Sandbox?
Launch a NovitaClaw (OpenClaw) sandbox, install a specified skill, and generate an installation & security audit report. Use when: (1) You want to test a com... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 85 downloads to date.
How do I install Skill Auditor in Sandbox?
Run the command "/install skill-auditor-in-sandbox" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.
Is Skill Auditor in Sandbox free?
Yes, Skill Auditor in Sandbox is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.
Which platforms does Skill Auditor in Sandbox support?
Skill Auditor in Sandbox runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Skill Auditor in Sandbox?
It is developed and maintained by freecodewu (@freecodewu); the current version is v1.0.3.