← 返回 Skills 市场
902
总下载
2
收藏
6
当前安装
2
版本数
在 OpenClaw 中安装
/install skill-security-scanner
功能描述
Scan OpenClaw skills for security risks, suspicious permissions, and provide a trust score to help evaluate skill safety before use or installation.
安全使用建议
This skill is a useful, low-risk helper but be cautious: the automated script only inspects SKILL.md and metadata (it greps for network calls, env names, and markdown headings). It will miss malicious code in other files, hidden downloads, compiled binaries, or obfuscated scripts. Treat its trust score as a quick heuristic, not a definitive verdict. Before relying on it: (1) manually review code files (scripts, binaries, build/install steps), (2) run more comprehensive static-analysis tools across the whole skill directory, (3) sandbox test unknown skills (limited privileges/VM/container), and (4) avoid automatically sharing scan results to other services unless you trust those integrations. If the author/packaging is unfamiliar, prefer manual code review in addition to this scanner.
功能分析
Type: OpenClaw Skill
Name: skill-security-scanner
Version: 1.0.1
The skill is designed to be a security scanner, which is a benign purpose. However, the `scripts/scan-skill.sh` script contains a critical shell injection vulnerability. The `BINS` variable, which is populated from the content of the *scanned skill's* `SKILL.md` file, is echoed without quotes (`echo " • bins: $BINS"`). This allows a malicious `SKILL.md` to inject arbitrary shell commands into the scanner script, leading to potential Remote Code Execution (RCE) on the system running the scanner. This is a vulnerability, not intentional malice by the scanner itself, hence classified as suspicious.
能力评估
Purpose & Capability
The name and description match the contained files: a scanner that inspects skills. However the shipped scanner is very lightweight and only greps SKILL.md and metadata; it does not actually scan code files, binaries, or perform dynamic analysis despite implying a full-skill audit and trust scoring. Asking no credentials and no special binaries is coherent for this purpose.
Instruction Scope
SKILL.md describes scanning strategies (network calls, credential reads, obfuscation) and example patterns, but the runnable script (scripts/scan-skill.sh) only searches the skill's SKILL.md for a handful of regexes and metadata lines. The documentation suggests examining full source and integrating with memory/other skills, but the automated checks do not analyze code files, dependencies, or runtime behavior — creating a risk of false negatives (malicious behavior hidden in other files) and false confidence.
Install Mechanism
No install spec and no external downloads; the repository is instruction-only with a small local shell script. This is low risk from an install perspective because nothing will be written or executed automatically on install. Running the included script executes only local greps and echoes.
Credentials
The skill requests no environment variables or credentials and does not attempt to read system files in the provided script. SKILL.md warns about sensitive files (e.g., ~/.aws/credentials) but only as examples of red flags. A small note: the docs recommend storing trust scores in 'memory' or reporting findings to other skills — that implies potential storage/sharing of scan results, but this is a user-level integration choice, not an automatic credential request.
Persistence & Privilege
always:false and normal model invocation settings are used. The SKILL.md suggests integrating with agent memory and other skills which could persist or share findings; that's not inherently malicious but users should be aware that trust scores and scan results might be stored or broadcast if they enable such integrations.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-security-scanner - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-security-scanner触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Removed always-on flag (`always: true`) from skill metadata, making the scanner no longer run by default in all cases.
- Updated documentation to clarify and simplify examples of high-risk patterns, replacing real domains and paths with generic examples.
- No changes to core functionality; update is documentation and configuration only.
v1.0.0
Initial release of "skill-security-scanner":
- Scan OpenClaw skills for security issues, suspicious permissions, and provide trust scores.
- Detects risky patterns in skill metadata and documentation.
- Scores skills from 0–100 and suggests risk levels with action recommendations.
- Commands: scan individual skills, audit all, list permissions, and get trust scores.
- Outputs detailed reports with issues, positives, and safety recommendations.
元数据
常见问题
Skill Security Scanner 是什么?
Scan OpenClaw skills for security risks, suspicious permissions, and provide a trust score to help evaluate skill safety before use or installation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 902 次。
如何安装 Skill Security Scanner?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-security-scanner」即可一键安装,无需额外配置。
Skill Security Scanner 是免费的吗?
是的,Skill Security Scanner 完全免费(开源免费),可自由下载、安装和使用。
Skill Security Scanner 支持哪些平台?
Skill Security Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Security Scanner?
由 DevSef(@steffano198)开发并维护,当前版本 v1.0.1。
推荐 Skills