Skill
Author
yx2601816404-sys
· GitHub ↗
· v0.6.1
720
Total downloads
0
Favorites
1
Current installs
8
Versions
Install in OpenClaw
/install skill-shield
Description
Security audit tool for ClawHub skills. Scans a skill directory with 65 detection patterns, anti-obfuscation analysis, and dual rating system (Security + Com...
Safe usage advice
This tool appears to do what it says: it reads a skill directory and flags dangerous patterns. Before using it, keep in mind: (1) it will read every file you point it at — don't scan directories that contain private keys or secrets you don't want loaded by a third-party script; run the scanner in an isolated/sandboxed environment if you are unsure. (2) The scanner intentionally suppresses or reduces severity for patterns inside strings, docs, and pattern-definition blocks (to avoid false positives). That behavior is reasonable for a scanner, but it can be abused by a malicious author who formats dangerous code to look like a pattern definition or comment — treat its 'A'/'B' grade as a starting point and manually inspect any high-sensitivity items the scanner flags, especially undeclared permissions (gateway, write, nodes, edit, etc.). (3) Reports embedded in the package appear to be snapshots (older version numbers in reports); prefer running the bundled scanner yourself rather than relying on packaged reports. Overall: the package is coherent with its purpose, but do manual review and run it in a safe environment when scanning untrusted skill directories.
Functional analysis
Type: OpenClaw Skill
Name: skill-shield
Version: 0.6.1
The OpenClaw AgentSkills skill-shield is a security audit tool designed to scan other skills for dangerous patterns. Its `scan.py` code implements robust detection logic, including anti-obfuscation analysis and extensive context-aware false positive reduction mechanisms (e.g., ignoring its own pattern definitions, reducing severity for code in comments/documentation). The `SKILL.md` clearly describes its legitimate security purpose and usage, without any hidden prompt injection commands. While the provided `reports/report.json` and `reports/report.md` show an older version of the scanner (v0.2.0) flagging itself with a 'D' rating due to undeclared permissions and a false positive `base64_decode` finding, this reflects the scanner's transparency and the developers' subsequent improvements (v0.6.1) to reduce such false positives, rather than malicious intent. The skill's functionality is entirely aligned with its stated purpose of security auditing, with no evidence of data exfiltration, unauthorized execution, or persistence.
Capability assessment
Purpose & Capability
The name/description (skill-shield, security auditor) matches the code and SKILL.md: it ships a Python scanner (scripts/scan.py) and test harness. There are no unrelated environment variables, binaries, or install steps requested. The scanner's permission-audit feature explains why it will compare declared SKILL.md permissions to tools discovered in code.
Instruction Scope
The runtime instructions tell the agent to run python3 scripts/scan.py on a skill directory — that naturally requires reading all files under the supplied directory (including .env, scripts, docs, etc.). This is expected for a scanner, but you should be aware it will read any sensitive files placed in the scanned directory. The SKILL.md and scanner also intentionally decode base64/hex to detect obfuscation (explains the base64 decode finding).
Install Mechanism
No install spec or third-party downloads are present; the tool is instruction-only and provides Python scripts. This is the lowest-risk install mechanism. It assumes a Python3 runtime available on PATH.
Credentials
The skill declares no required environment variables or credentials. The scanner does look for credential-like strings (e.g., .ssh, .aws) inside scanned content but does not itself request secrets. This is proportionate to an auditing tool.
Persistence & Privilege
The skill does not request permanent inclusion (always: false). It does not modify other skills or system-wide settings. Model invocation is allowed (default), which is normal for skills; there are no additional elevated privileges requested.
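To make two behaviours described above concrete, the context-aware severity reduction for matches inside comments and string literals (with the v0.4.1 exception for string arguments to execution calls) and the permission audit that compares declared SKILL.md permissions to tools discovered in code, here is a small Python sketch added for this listing. It is not skill-shield's own `scan.py` and does not reproduce its 65 patterns; the three patterns, the severity levels, the `permissions:` list shape in the SKILL.md front matter, the permission-to-evidence map and the sample skill files are all constructed for the demonstration.

```python
"""Illustrative context-aware skill scan (added example, not skill-shield's scan.py).
Patterns, severities, the front-matter shape and the sample inputs are constructed."""
import re
from typing import Dict, List, Tuple

# Constructed detection patterns: name -> (regex, base severity)
PATTERNS = {
    "sudo_exec": (re.compile(r"\bsudo\b"), "HIGH"),
    "shell_exec": (re.compile(r"\b(?:subprocess\.(?:run|call|Popen)|os\.system)\s*\("), "MEDIUM"),
    "base64_decode": (re.compile(r"\bb64decode\s*\("), "LOW"),
}
# Execution calls whose string arguments must NOT be demoted (the v0.4.1 false negative)
EXEC_CALL = re.compile(r"\b(?:subprocess\.(?:run|call|Popen)|os\.system)\s*\(")
DEMOTE = {"HIGH": "MEDIUM", "MEDIUM": "LOW", "LOW": "INFO"}

# Hypothetical map: declared permission -> code evidence that would require it
PERMISSION_EVIDENCE = {
    "write": re.compile(r"""open\([^)]*['"][wa]"""),
    "exec": EXEC_CALL,
    "network": re.compile(r"\b(?:requests\.|urllib\.request\.)"),
}


def string_spans(line: str) -> List[Tuple[int, int]]:
    """[start, end) spans of single/double-quoted literals on one line.
    Deliberately simple: no triple quotes; a backslash skips the next character.
    A quote inside a comment opens a 'string' that runs to end of line, which
    still lands the match in a demoted context."""
    spans, i, n = [], 0, len(line)
    while i < n:
        ch = line[i]
        if ch in "'\"":
            j = i + 1
            while j < n and line[j] != ch:
                j += 2 if line[j] == "\\" else 1
            spans.append((i, min(j + 1, n)))
            i = j + 1
        else:
            i += 1
    return spans


def context_of(line: str, pos: int) -> str:
    """Classify the match position as 'string', 'comment' or 'code'."""
    spans = string_spans(line)
    if any(s <= pos < e for s, e in spans):
        return "string"
    for i, ch in enumerate(line[:pos]):
        if ch == "#" and not any(s <= i < e for s, e in spans):
            return "comment"
    return "code"


def scan_line(path: str, lineno: int, line: str) -> List[Dict]:
    findings = []
    for name, (rx, base) in PATTERNS.items():
        for m in rx.finditer(line):
            ctx = context_of(line, m.start())
            severity = base
            # Demote matches inside comments or literals (pattern definitions, docs),
            # except a literal passed to an execution call, which stays at full severity.
            if ctx != "code" and not (ctx == "string" and EXEC_CALL.search(line)):
                severity = DEMOTE[base]
            findings.append({"file": path, "line": lineno, "pattern": name,
                             "context": ctx, "severity": severity})
    return findings


def declared_permissions(skill_md: str) -> set:
    """Read a 'permissions:' list from the SKILL.md front matter (assumed shape)."""
    perms, in_block = set(), False
    for raw in skill_md.splitlines():
        line = raw.strip()
        if line.startswith("permissions:"):
            in_block = True
            continue
        if in_block:
            if line.startswith("- "):
                perms.add(line[2:].strip())
            else:
                in_block = False
    return perms


def scan_skill(skill_md: str, code_files: Dict[str, str]) -> Dict:
    """Return pattern findings plus permissions evidenced in code but not declared."""
    findings, used = [], {}
    for path, text in code_files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            findings.extend(scan_line(path, lineno, line))
        for perm, rx in PERMISSION_EVIDENCE.items():
            if rx.search(text):
                used.setdefault(perm, []).append(path)
    declared = declared_permissions(skill_md)
    return {"findings": findings,
            "undeclared_permissions": {p: f for p, f in used.items() if p not in declared}}


# Constructed sample skill: declares only 'write' but also executes a subprocess.
SAMPLE_SKILL_MD = "---\nname: demo-skill\npermissions:\n  - write\n---\n# demo-skill\n"
SAMPLE_CODE = {"scripts/helper.py": (
    "import base64, subprocess\n"
    "# sudo is never invoked here\n"
    'SUDO_PATTERN = "sudo"  # a pattern definition, looks like a plain literal\n'
    "subprocess.run(['sudo', '-n', 'true'])\n"
    "payload = base64.b64decode(blob)\n"
    "with open('out.txt', 'w') as fh:\n"
    "    fh.write(payload.decode())\n")}

if __name__ == "__main__":
    report = scan_skill(SAMPLE_SKILL_MD, SAMPLE_CODE)
    for f in report["findings"]:
        print(f"{f['file']}:{f['line']} {f['pattern']} [{f['context']}] -> {f['severity']}")
    print("undeclared permissions:", report["undeclared_permissions"])
```

On the sample, `sudo` in the comment and in the pattern-definition literal is demoted to MEDIUM, while the same token inside `subprocess.run([...])` keeps its HIGH rating because the line also contains an execution call; the `exec` permission is reported as undeclared because the front matter lists only `write`. The demotion rule is exactly the one the advice above warns about: anything that persuades the classifier a match sits in a literal or comment lowers the grade, so demoted high-sensitivity items still deserve a manual look.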
How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install skill-shield
- After installation, call the Skill by name directly or trigger it with /skill-shield
- Provide the required input as described in the Skill's parameter documentation to receive structured output
Version history
v0.6.1
v0.6.1: Performance fix — skip venv/node_modules/dist/.git directories in file discovery. 164 skills batch-scanned in ~8 seconds (was timing out before).
v0.6.0
v0.6.0: Batch scan mode (--batch). Scan entire skill directories at once with summary table output. --json-summary for machine-readable output. Tested on 155 skills.
v0.5.0
SARIF 2.1.0 output
v0.4.1
v0.4.1: Fix false negative where subprocess.run(['sudo',...]) was incorrectly demoted by string literal detection. Added test suite (16 tests, 100% pass). Execution call exclusion now uses regex patterns instead of substring matching.
v0.4.0
v0.4.0: String literal context detection — security tools no longer falsely flagged. 5/9 F-rated security tools reclassified (3→A, 1→C, 2→D). Added: noscan marker, ignore-next-line comment, JS regex literal detection, raw string continuation handling. Zero regressions.
v0.3.1
v0.3.1: Fix SKILL.md markdown false positives (table cells, YAML values, inline code paths). planning-with-files F->A.
v0.3.0
v0.3.0: Dual rating (Security + Compliance), 6 false positive fixes, doc-only skill detection, rating reasons
v0.2.0
v0.2.0: 60+ detection patterns (up from 32), anti-obfuscation layer, CWE references, reduced false positives on documentation strings. Audited 64 ClawHub security skills — 58% rated D/F.
Metadata
FAQ
What is this Skill?
Security audit tool for ClawHub skills. Scans a skill directory with 65 detection patterns, anti-obfuscation analysis, and dual rating system (Security + Com... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 720 cumulative downloads to date.
How do I install the Skill?
Run the command 「/install skill-shield」 in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.
Is the Skill free?
Yes, the Skill is completely free (open source) and can be freely downloaded, installed and used.
Which platforms does the Skill support?
The Skill is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed the Skill?
Developed and maintained by yx2601816404-sys (@yx2601816404-sys); current version v0.6.1.