← 返回 Skills 市场
1766
总下载
3
收藏
3
当前安装
3
版本数
在 OpenClaw 中安装
/install skill-auditor-pro
功能描述
审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。
安全使用建议
This skill appears to implement a reasonable audit workflow, but review these points before installing or running it: 1) Ensure the host has 'clawhub' (and optionally the 'gemini' CLI) if you plan to use fetch or LLM analysis — the skill does not declare these requirements. 2) Be cautious with the L3 step: the script copies 'suspicious' code to /tmp and instructs an agent/LLM to analyze it — that can leak secrets or sensitive code to whatever model/service you invoke. Prefer running the audit locally and reviewing findings yourself rather than sending raw suspicious files to remote LLMs or public APIs. 3) Confirm the external reporting address ([email protected]) and any IoC lists are from a trusted source before using them. 4) If you need to proceed: run the script in an isolated environment, inspect its output and the /tmp artifact contents manually, and only use LLM analysis on redacted content that removes any credentials or secrets. If you want a safer verdict, provide: where this skill was published (homepage/source repo), whether 'clawhub' and 'gemini' are available in your environment, and whether you intend to allow the agent to send suspicious code to external LLM services.
功能分析
Type: OpenClaw Skill
Name: skill-auditor-pro
Version: 2.1.1
This skill is a security scanner designed to audit other OpenClaw skills. Its code and documentation are entirely consistent with this stated purpose. It implements pattern matching, deobfuscation, and LLM-based intent analysis to detect malicious patterns (e.g., `base64|bash`, `curl|bash`, `eval`, access to sensitive directories like `~/.ssh` or `~/.openclaw`, credential keywords, known C2 IPs/domains). The script creates a temporary file containing identified suspicious code and instructs the OpenClaw agent to `cat` this file for LLM analysis, which is a functional interaction aligned with its 'L3: LLM Intent Analysis' feature, not a malicious prompt injection attempt.
能力评估
Purpose & Capability
The skill's stated purpose (audit ClawHub skills) matches the provided script, but the SKILL.md/script rely on external CLIs (clawhub inspect to fetch skills and an optional 'gemini' CLI for LLM analysis) even though the registry metadata declares no required binaries. Not declaring clawhub (and optionally gemini) is an incoherence — the tool will fail or behave unexpectedly without them.
Instruction Scope
Instructions and the script perform expected auditing actions (pattern scans, deobfuscation), but the L3 flow copies suspicious code to /tmp and explicitly asks the OpenClaw agent/LLM to 'analyze' that file. That step can expose secrets or sensitive code to whichever model/service runs the analysis. The script also searches for sensitive paths ($HOME/.ssh, ~/.aws, ~/.openclaw), which is reasonable for an auditor, but combining detection with automated copying and prompting to an LLM raises data-exfiltration/privacy risk.
Install Mechanism
No install spec (instruction-only with an included script) — low installation risk. The script itself is bundled and will run locally; there are no remote downloads or extract steps in the skill package. This is proportionate to the stated purpose.
Credentials
The skill declares no required env vars or credentials, which is appropriate. However, the scanner looks for references to API keys, tokens, and config dirs in scanned code and will surface them; combined with the L3 step that saves suspicious content to /tmp for agent analysis, that could reveal secrets to an LLM or external service. Also the SKILL.md mentions 'gemini' CLI but does not request it as a required credential/tool.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global config. It writes temporary files to the system (/tmp, mktemp) which is expected for a scanner; no persistent installation or elevated privileges are requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-auditor-pro - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-auditor-pro触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.1
Fix: updated ClawHub listing description to English.
v2.1.0
Translated all documentation to English for international users. No functional changes.
v2.0.0
Security scanner for ClawHub skills. L1 pattern matching, L2 base64/hex deobfuscation, L3 LLM intent analysis. Detects C2 servers, social engineering, credential theft.
元数据
常见问题
Skill Auditor Pro 是什么?
审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1766 次。
如何安装 Skill Auditor Pro?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-auditor-pro」即可一键安装,无需额外配置。
Skill Auditor Pro 是免费的吗?
是的,Skill Auditor Pro 完全免费(开源免费),可自由下载、安装和使用。
Skill Auditor Pro 支持哪些平台?
Skill Auditor Pro 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Auditor Pro?
由 sypsyp97(@sypsyp97)开发并维护,当前版本 v2.1.1。
推荐 Skills