← 返回 Skills 市场
confidentkai

Skill Security Audit Enhanced

作者 kvs-GoN · GitHub ↗ · v2.0.0 · MIT-0
cross-platform ⚠ suspicious
72
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-security-audit-enhanced
功能描述
🔍 增强版技能安全审计 - 检测AI代理技能中的恶意模式,包含13种检测器,覆盖后门、凭证窃取、数据外传和供应链攻击。基于SlowMist的ClawHub威胁情报(472+恶意技能)。纯Python实现,零外部依赖。优化清理版,移除无关文件,性能更佳。
安全使用建议
This skill appears consistent with its stated purpose (a local scanner). Before running it: review scripts/skill_audit.py and scripts/ioc_database.json yourself; prefer running scans targeted to specific skill folders (use --path) rather than broad system scans; do not run the scanner as root unless you understand why elevated access is needed; treat the scan output as potentially containing sensitive snippets (paths, lines) and handle evidence carefully; if you need stronger isolation, run it in a VM or container; verify the skill's provenance (author, repository) and consider comparing hashes of the shipped files if you retrieved them from a third party.
功能分析
Type: OpenClaw Skill Name: skill-security-audit-enhanced Version: 2.0.0 This bundle is a security auditing utility designed to scan and detect malicious patterns in other OpenClaw skills. The core logic in 'scripts/skill_audit.py' implements 13 specialized detectors (e.g., Base64, IOC matching, credential theft, and persistence) to identify threats based on a provided 'scripts/ioc_database.json'. While the tool requires broad file-read access to scan skill directories, its behavior is entirely consistent with its stated purpose, and the code contains no evidence of data exfiltration, unauthorized network calls, or hidden malicious functionality.
能力标签
cryptorequires-walletrequires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
The name/description (skill audit) match the included artifacts: a pure‑Python scanner (scripts/skill_audit.py), an IOC DB, and documentation of the 13 detectors. No unrelated environment variables, binaries, or install steps are requested. Minor inconsistency: some example commands in SKILL.md reference differing absolute paths (e.g., /root/.openclaw/... vs ~/.claude/...), but this is a documentation/path mismatch rather than a capability mismatch.
Instruction Scope
The runtime instructions tell the agent to run the bundled scanner which auto-discovers and reads skill directories (e.g., ~/.claude, ~/.openclaw, /usr/local/lib/node_modules/openclaw/skills). This is expected for a scanner, but it means the tool will read many files under user/home skill locations and may surface sensitive lines (file paths, snippets). The SKILL.md also includes remediation commands (ps, lsof, crontab, moving files) — appropriate for incident response but they require care (permissions/privilege) and the documentation uses several absolute paths that are inconsistent.
Install Mechanism
There is no install spec (instruction-only), and the scanner is pure stdlib Python bundled with the skill (no external downloads). That reduces supply-chain risk relative to remote installers. However, running the skill executes code shipped inside the skill bundle (scripts/skill_audit.py), so users should inspect that file before execution — this is normal for local tools but a point to be aware of.
Credentials
The skill declares no required environment variables or credentials. The scanner intentionally looks for indicators related to credentials and sensitive paths (e.g., ~/.ssh, ~/.aws) as part of detection, which is appropriate for its purpose; it does not request access tokens or external secrets in metadata.
Persistence & Privilege
The skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide agent settings. It can be invoked autonomously by the agent (platform default), which is expected for skills; this by itself is not a red flag here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skill-security-audit-enhanced
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skill-security-audit-enhanced 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
优化版本:清理无关文件、更新文档、保持核心功能完整、性能优化
元数据
Slug skill-security-audit-enhanced
版本 2.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Skill Security Audit Enhanced 是什么?

🔍 增强版技能安全审计 - 检测AI代理技能中的恶意模式,包含13种检测器,覆盖后门、凭证窃取、数据外传和供应链攻击。基于SlowMist的ClawHub威胁情报(472+恶意技能)。纯Python实现,零外部依赖。优化清理版,移除无关文件,性能更佳。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 72 次。

如何安装 Skill Security Audit Enhanced?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-security-audit-enhanced」即可一键安装,无需额外配置。

Skill Security Audit Enhanced 是免费的吗?

是的,Skill Security Audit Enhanced 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Skill Security Audit Enhanced 支持哪些平台?

Skill Security Audit Enhanced 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Skill Security Audit Enhanced?

由 kvs-GoN(@confidentkai)开发并维护,当前版本 v2.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论