Total downloads: 1154
Favorites: 2
Current installs: 1
Versions: 1
Install in OpenClaw
/install skill-security-reviewer
Description
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques.
Safe usage recommendations
This skill appears to do what it says (read-only analysis of other skills) but the SKILL.md contains at least one prompt-injection pattern. Before installing: (1) manually inspect the entire SKILL.md for any instructions that try to override agent constraints (phrases like 'ignore previous instructions' or embedded 'execute' directives); (2) only run it in a sandboxed agent environment where it cannot access unrelated files or credentials; (3) ensure the agent enforces the 'do not execute decoded code' rule programmatically (not just by prose); (4) if you plan to allow autonomous invocation, consider disabling that until you've audited behavior; (5) if you need more assurance, ask the maintainer for provenance (homepage, source repo, maintainer identity) or run the analysis locally on a copy of the target skill rather than giving the skill access to live system state. Additional information that would change this assessment: presence of embedded instructions in SKILL.md that explicitly tell the agent to execute code or access unrelated credentials, or bundled install scripts/downloader entries — those would raise the severity to malicious.
Functional analysis
Type: OpenClaw Skill
Name: skill-security-reviewer
Version: 3.0.0
The skill 'skill-security-reviewer' is designed to detect malicious skills, a benign objective. Its `SKILL.md` explicitly forbids the agent from executing any commands or scripts from the target skill or executing decoded code (Section §3, 'Execution Rules'). However, the skill requires broad file system access to read and analyze all files of a target skill, including potentially sensitive configurations and code. This constitutes a 'risky capability' (broad permissions, processing untrusted input) even though it is plausibly needed for its stated purpose. The inherent risk of processing and decoding potentially malicious content, combined with broad file access, creates a vulnerability surface for the agent or its environment, leading to a 'suspicious' classification rather than 'benign' or 'malicious'.
Capability assessment
Purpose & Capability
The SKILL.md describes a tool that audits other skills for obfuscation/evasion and explicitly limits itself to read-only analysis and safe decoding. There are no required binaries, env vars, or install steps, which is proportionate to a static analysis/instruction-only skill.
Instruction Scope
The instructions permit reading and decoding all files of a target skill (reasonable for auditing) but the pre-scan found a prompt-injection pattern ('ignore-previous-instructions') inside SKILL.md. That indicates the skill file may contain content intended to manipulate the evaluator or agent behavior; the README also allows broad decoding of arbitrary encoded/encrypted content which could include active payloads if the 'do not execute' rule is not enforced.
Install Mechanism
No install spec and no code files — lowest risk for on-disk persistence and arbitrary downloads. Nothing is written to disk by an installer; only report outputs are described.
Credentials
The skill requests no environment variables, credentials, or config paths. For its stated audit purpose, this is proportionate.
Persistence & Privilege
always:false and no install behavior — the skill does not request permanent presence. However the skill is allowed autonomous invocation by default (disable-model-invocation:false). Combined with the prompt-injection pattern inside its instructions, autonomous invocation could increase risk if the skill attempts to manipulate agent decision-making.
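How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install skill-security-reviewer`
- Once installation completes, call the Skill by name or use `/skill-security-reviewer` to trigger it
- Provide the required input according to the Skill's parameter description to get structured output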
Version history
v3.0.0
v3.0 New Features:
- Code obfuscation detection and de-obfuscation analysis
- Encoding/encryption evasion detection (Base64, Hex, ROT13, XOR, AES, etc.)
- String splitting/concatenation detection
- Dynamic code generation detection
- Multi-layer nested obfuscation detection
- Entropy analysis to identify encrypted content
FAQ
What is Skill Security Reviewer 3.0?
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1154 cumulative downloads to date.
How do I install Skill Security Reviewer 3.0?
Run the command "/install skill-security-reviewer" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.
Is Skill Security Reviewer 3.0 free?
Yes, Skill Security Reviewer 3.0 is completely free (open source and free of charge) and can be freely downloaded, installed, and used.
Which platforms does Skill Security Reviewer 3.0 support?
Skill Security Reviewer 3.0 is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Skill Security Reviewer 3.0?
It is developed and maintained by NinjaGPT (@ninjagpt); the current version is v3.0.0.