← 返回 Skills 市场
275
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-shield-007
功能描述
OpenClaw扩展安全管理系统。扫描已安装扩展的安全风险,提供allowlist策略控制,在使用高风险扩展前进行风险提示。适用于安全管理、风险评估、权限控制场景。
安全使用建议
This skill appears to implement a legitimate local scanner, but there are two things to check before installing:
1) Inspect and control the hook: hook/shield-scan.js runs a local Python startup script and appends its output to the agent's system prompt. That behavior can change agent behavior broadly (prompt injection). If you install, either remove or disable the hook, or ensure the referenced startup script is present, simple, and cannot be modified by untrusted parties.
2) Fix the inconsistency: SKILL.md claims hook/auto-check is 'planned', but a hook file exists and it references scripts/tui-startup.py which is missing. Ask the author why the hook is present and what the startup script should do. If you can't verify the startup script's content, do not enable the hook.
Other precautions: review config.json allowlist entries (ensure you trust the listed skills), run the scanner in a sandbox first, and limit write permissions to ~/.openclaw/workspace/skills so attackers cannot replace the startup script or other scanner files. If you need a short recommendation: keep the scanner code (scripts/shield.py) but remove/disable the JS hook until its behavior is audited.
功能分析
Type: OpenClaw Skill
Name: skill-shield-007
Version: 1.0.0
Skill Shield is a security utility designed to scan OpenClaw extensions for risky patterns such as command execution, network calls, and credential access. The core logic in `scripts/shield.py` performs local static analysis via keyword matching, while `hook/shield-scan.js` integrates scanning into the session startup. Although the tool requires broad read access to the extensions directory and modifies the system prompt to display alerts, its operations are transparent, documented, and lack any indicators of data exfiltration, obfuscation, or malicious intent.
能力评估
Purpose & Capability
Name/description match the code: the Python scanner scans ~/.openclaw/workspace/skills for keywords, builds a risk DB, and offers allowlist/blocked behavior. Required binary (python3) is appropriate and no unrelated credentials or external binaries are requested.
Instruction Scope
SKILL.md and scripts describe scanning skills directory, reading SKILL.md and scripts/, saving a local JSON DB — this is within scope. However, SKILL.md states 'Hook机制/自动检查' is planned/not implemented, yet a hook file (hook/shield-scan.js) exists and is registered for 'session-start'. The hook executes a startup Python script and appends its output to context.systemPrompt, which can influence the agent globally. That hook references scripts/tui-startup.py which is not present in the package (missing file) — an incoherence that could cause runtime errors or be abused if that file is later added/modified.
Install Mechanism
No install spec (instruction-only install) and only a python script + small JS hook included. Nothing is downloaded from external URLs, no extract steps, and required binaries are minimal (python3).
Credentials
No environment variables, no credentials, and no config paths beyond normal per-skill config (config.json under the skill and a memory JSON under ~/.openclaw). The scanner reads files under the skills directory as expected; it does not contain explicit network or credential exfiltration code in the provided files.
Persistence & Privilege
The hook modifies context.systemPrompt by appending scan output. While the skill is not marked always:true, this hook will run at session-start (if the platform loads hooks), giving it an effective injection channel into agent prompts. Appending arbitrary script output into the system prompt is a potential prompt-injection vector and is disproportionate unless the startup script output is strictly controlled and sanitized. Also the code references a startup script that is missing, an inconsistency that should be resolved.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-shield-007 - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-shield-007触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Skill-shield 1.0.0 – 全新OpenClaw安全管理和风险控制
- 全面重写:由ClawHub技能单目录扫描与安全评分工具,升级为OpenClaw扩展统一安全管理系统,聚焦已装扩展风险识别、allowlist/blacklist控制与用户交互提示。
- 新增持久化风险数据库、风险历史记录与管理命令,支持风险快速检索与审计。
- 通过config.json集中管理信任列表、阻止名单和风险交互策略,实现精细化权限与提示控制。
- 支持10大常见风险类型自动识别,按严重度进行分级处理。
- 集成实用命令:一键扫描、单扩展检查、allowlist与blacklist管理、风险报告查看、风险记录清除。
- 功能示例与故障排除指引全面更新,适配OpenClaw场景。
元数据
常见问题
skill scan and detect risk 是什么?
OpenClaw扩展安全管理系统。扫描已安装扩展的安全风险,提供allowlist策略控制,在使用高风险扩展前进行风险提示。适用于安全管理、风险评估、权限控制场景。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 275 次。
如何安装 skill scan and detect risk?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-shield-007」即可一键安装,无需额外配置。
skill scan and detect risk 是免费的吗?
是的,skill scan and detect risk 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
skill scan and detect risk 支持哪些平台?
skill scan and detect risk 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 skill scan and detect risk?
由 jayhe(@jayhe)开发并维护,当前版本 v1.0.0。
推荐 Skills