Bomb Dog Sniff
Author: LvcidPsyche (GitHub) · v0.1.0
1262 total downloads · 2 favorites · 1 current install · 1 version
Install in OpenClaw:
/install skill-bomb-dog-sniff
Description
Security-first skill management for OpenClaw - like a bomb-sniffing dog for skills.
Sniffs out malicious payloads (crypto stealers, keyloggers, reverse shells) before installation.
Quarantine → Scan → Install only the safe ones.
Safe usage recommendations
This skill appears to be what it claims (a scanner + safe installer) but take the following precautions before installing or running it with access to your real skills directory:
- Inspect the SKILL.md and code yourself (scan.js, safe-download.js, scripts/sniff.sh). The SKILL.md contained unicode control characters — open it in a raw text editor to verify nothing hides in rendering.
- Run the scanner in a sandbox or container first (e.g., throwaway VM or ephemeral container) and point it at known-good targets to validate behavior.
- Review safe-download.js: it invokes 'unzip' and 'npx clawhub' and will copy files into your OPENCLAW_SKILLS_DIR. Ensure these subprocess calls and their arguments are acceptable in your environment and not run as root.
- Verify quarantine behavior: confirm the quarantine path, permissions, and automatic cleanup meet your policy. Consider changing quarantine to a directory you control.
- Check that network downloads are limited to HTTPS and consider mirroring sources you trust rather than relying on arbitrary GitHub repos or clawhub via npx.
- Prefer running the scanner (scan.js) only before automatic installs; use --dry-run and review JSON reports before allowing any auto-install.
- If you are not comfortable auditing the code, prefer community-vetted scanners or obtain this package from an authoritative repository with a commit history and maintainer traceability.
Given the prompt-injection indicator and the use of subprocesses that act on downloaded code, manual review or sandboxed execution is recommended before granting it access to your real skill installation directory.
Functional analysis
Type: OpenClaw Skill
Name: skill-bomb-dog-sniff
Version: 0.1.0
The OpenClaw AgentSkills skill bundle 'bomb-dog-sniff' is a security scanner designed to detect malicious patterns in other skills. Its core components (`scan.js`, `safe-download.js`, `patterns.js`, `scripts/sniff.sh`) are all focused on this purpose. The skill implements robust security measures such as path sanitization, secure quarantine directories, download size/timeout limits, and symlink loop protection. While it interacts with the file system, network, and child processes, these actions are necessary for its stated function and are performed with security best practices. The presence of explicitly labeled 'test-malicious-skill' files (e.g., `test-malicious-skill/scripts/malicious.js`) demonstrates the scanner's detection capabilities rather than indicating malicious intent of the skill itself. The `SKILL.md` documentation is descriptive and does not contain prompt injection attempts against the AI agent.
Capability assessment
Purpose & Capability
Name/description (scanner + safe-install) match the code: scan.js/patterns.js implement static detection patterns and safe-download.js implements download → quarantine → scan → install flows. Child processes (unzip, npx clawhub) and copying into OPENCLAW_SKILLS_DIR are consistent with a safe-install feature.
Instruction Scope
SKILL.md and the code instruct the agent to download repositories, extract archives, run npx clawhub, and copy/overwrite installed skills. The runtime will read the user's HOME and OPENCLAW_SKILLS_DIR paths and may access installed skill directories for auditing. SKILL.md also contains a pre-scan injection signal (unicode-control-chars) which can be used to manipulate LLM-based evaluation or rendering — this reduces trust in the documentation and requires manual inspection of the SKILL.md and code before use.
Install Mechanism
No registry install spec is declared (instruction-only), but code will download ZIP archives from GitHub (HTTPS only) and invoke system 'unzip' and 'npx'. Those are expected for this functionality but increase risk compared to a pure static analyzer because external repos are fetched and native subprocesses are executed. The downloader enforces size/time limits and HTTPS but follows redirects and will spawn external tools (unzip, npx), so validate the runtime environment and tool versions.
Credentials
The skill declares no required environment variables and does not demand unrelated secrets. It references standard env vars (HOME, OPENCLAW_SKILLS_DIR) to determine quarantine/install locations — expected for a downloader/installer. The scanner itself looks for code that reads process.env in target skills (which is expected behavior for a security scanner).
Persistence & Privilege
always:false (no forced installation). The skill can install skills into the user's skills directory and backup/overwrite existing skills — this is consistent with its 'safe-install' purpose. It does not request elevated platform privileges or attempt to modify other skills' configuration beyond installing/updating them as expected.
How to use
- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: /install skill-bomb-dog-sniff
- After installation, call the skill by name directly, or trigger it with /skill-bomb-dog-sniff
- Provide the required inputs according to the skill's parameter description to get structured output.
Version history
v0.1.0
bomb-dog-sniff v1.2.0 is a major security and detection upgrade for OpenClaw skill scanning.
- Fixed command injection and added path traversal protection for safer downloads and scanning.
- Quarantines skills in randomized, permission-locked directories before scanning.
- Now detects and skips binary/oversized files and restricts regex processing to prevent resource attacks.
- Smarter detection: reduced false positives, added entropy analysis for encoded threats, awareness of test files, and per-finding confidence scoring.
- Expanded to 13 detection categories, now including supply chain attacks, prototype pollution, and new script-based threats.
- New detection patterns target credential and SSH key theft, browser and system persistence, and more.
- All commands (scan, safe-install, audit, batch) documented with clear examples and risk scoring explanations.
FAQ
What is Bomb Dog Sniff?
Security-first skill management for OpenClaw - like a bomb-sniffing dog for skills. Sniffs out malicious payloads (crypto stealers, keyloggers, reverse shells) before installation. Quarantine → Scan → Install only the safe ones. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1262 cumulative downloads to date.
How do I install Bomb Dog Sniff?
Run the command "/install skill-bomb-dog-sniff" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.
Is Bomb Dog Sniff free?
Yes, Bomb Dog Sniff is completely free (open source), and can be freely downloaded, installed and used.
Which platforms does Bomb Dog Sniff support?
Bomb Dog Sniff is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who develops Bomb Dog Sniff?
Developed and maintained by LvcidPsyche (@lvcidpsyche); the current version is v0.1.0.