← 返回 Skills 市场
621
总下载
0
收藏
2
当前安装
4
版本数
在 OpenClaw 中安装
/install skill-install-guardian
功能描述
Security and due diligence layer for installing external skills from ClawHub. Performs DEEP content scanning for malicious patterns, security checks, integra...
安全使用建议
This skill appears to do what it says (scan skills before install) and does not request extra credentials or install components, but it has some implementation weaknesses you should consider before relying on it as your only defense: 1) The file-list parsing and the way script file paths are fetched are brittle and may miss files in subdirectories — review and test the scanner on representative skills to confirm coverage. 2) It depends on the trustworthiness and behavior of the local `npx clawhub` CLI; ensure that binary is the official/expected one and that its `--files` and `--file` outputs match what the script expects. 3) Expect false positives and false negatives; always manually review CRITICAL flags. 4) Run the script in an isolated environment (or CI sandbox) the first few times to observe its behavior and outputs. If you plan to rely on it operationally, request or implement fixes to (a) fetch files using their full reported paths rather than basenames, (b) make file-list parsing robust to different CLI output formats, and (c) add explicit logging and an audit trail of scans and owner decisions.
功能分析
Type: OpenClaw Skill
Name: skill-install-guardian
Version: 1.3.0
The OpenClaw skill 'skill-install-guardian' is designed to perform security and due diligence checks on other skills before installation. Both its documentation (SKILL.md) and its Python script (scripts/check.py) consistently reflect this security-focused purpose. The script implements robust slug validation and uses safe, list-based `subprocess.run` calls to prevent shell injection when interacting with `npx clawhub`. It actively scans other skill files for dangerous patterns (like `eval()`, `exec()`, API keys, and obfuscation) and reports findings. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection attempts within this skill itself; rather, it aims to detect such issues in *other* skills.
能力评估
Purpose & Capability
The skill's name and description (pre-install security checks) match what it actually does: it calls the ClawHub CLI (npx clawhub inspect) to fetch reports and files, scans file contents for dangerous patterns, and generates a report for owner confirmation. Required binary (npx) is expected and proportional; no unrelated env vars or credentials are requested.
Instruction Scope
SKILL.md instructs fetching SKILL.md and script files and scanning for dangerous patterns only — consistent with purpose. The implementation is explicitly read-only and validates slugs to reduce injection risk. However, the code uses a brittle parser for the `--files` output (looks for a 'Files:' section and takes the first token as filename) and, for script files, strips directory paths and calls fetch_file_content with only the basename (which may fail to fetch files located in subdirectories). These bugs can produce false negatives or skip files, reducing the scanner's effectiveness. Also the code prints and returns results but does not send findings to an external endpoint, matching the declared 'report to owner' behavior.
Install Mechanism
There is no install spec (instruction-only plus one script file). No remote downloads or archive extraction are performed by the skill itself. It relies on the local npx/clawhub CLI to fetch skill data, which is an expected, low-risk approach for this purpose.
Credentials
No environment variables or secrets are requested. The scanner detects patterns that look like keys in file contents but does not itself require any credentials — proportional and appropriate for the described functionality.
Persistence & Privilege
always:false and no system-wide config modification are present. The skill does not request persistent privileges or attempt to modify other skills' configs. disable-model-invocation is default (false) which is normal; there is no other elevated privilege requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-install-guardian - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-install-guardian触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
Deep content scanning - fetches and analyzes actual file contents for security patterns
v1.2.0
Fixed documentation accuracy, removed unused curl, added limitations
v1.1.0
Fixed command injection vulnerability
v1.0.0
Initial release - security and due diligence for skill installation
元数据
常见问题
Skill Install Guardian 是什么?
Security and due diligence layer for installing external skills from ClawHub. Performs DEEP content scanning for malicious patterns, security checks, integra... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 621 次。
如何安装 Skill Install Guardian?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-install-guardian」即可一键安装,无需额外配置。
Skill Install Guardian 是免费的吗?
是的,Skill Install Guardian 完全免费(开源免费),可自由下载、安装和使用。
Skill Install Guardian 支持哪些平台?
Skill Install Guardian 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Install Guardian?
由 ohnednez(@zendenho7)开发并维护,当前版本 v1.3.0。
推荐 Skills