← 返回 Skills 市场
Skills Audit
作者
ucloud-securiry
· GitHub ↗
· v1.5.3
· MIT-0
268
总下载
0
收藏
1
当前安装
18
版本数
在 OpenClaw 中安装
/install skills-audit
功能描述
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity).
安全使用建议
This skill appears to be what it says: a local static auditor and monitor. Before enabling it, note: (1) it will read all files under your workspace/skills and store snapshots and NDJSON logs under ~/.openclaw/skills-audit—these logs can include file snippets and paths, so review their permissions; (2) the optional remote intel lookup (QianXin SafeSkill) requires you to add your token to config/intelligent.json—leave it disabled unless you trust that service and understand that only a bundle MD5 is sent, not full files; (3) the tool executes local subprocesses such as git and the included helper scripts—ensure git is installed and review the scripts if you want to audit exact behavior; (4) the skill deliberately does not auto-create cron jobs, so you must explicitly add scheduling if desired; (5) minor implementation note: the code has a default config fallback for QianXin that may differ from the shipped intelligent.json default, but the shipped config sets enabled:false—verify config/intelligent.json to be sure remote queries remain disabled. If you need to be extra cautious, run the scanner once in a restricted environment, inspect ~/.openclaw/skills-audit/logs.ndjson, and keep the QianXin token empty.
功能分析
Type: OpenClaw Skill
Name: skills-audit
Version: 1.5.3
The bundle is a legitimate security auditing and monitoring tool for OpenClaw skills. It implements static analysis, git-based version tracking, and risk scoring using local rules and an optional, opt-in remote threat intelligence API (QianXin SafeSkill) that only transmits bundle hashes. The Python scripts (`skills_audit.py`, `skills_watch_and_notify.py`) are well-structured, use standard libraries, and perform actions consistent with the stated purpose of auditing. Crucially, the `SKILL.md` instructions contain defensive guidelines for the AI agent, explicitly prohibiting the automatic creation of cron jobs and mandating that the agent provide safe summaries of code changes rather than exfiltrating raw diffs to external channels.
能力标签
能力评估
Purpose & Capability
The name/description match the included files and behavior: Python scripts that scan workspace/skills, compute hashes, take git snapshots, write NDJSON logs, produce diffs, and generate notifications. Required components (Python, git) and the config files are appropriate for an audit/monitoring tool; there are no unrelated credential or cloud dependencies declared.
Instruction Scope
Runtime instructions and the code limit themselves to static analysis, file I/O under the workspace and ~/.openclaw/skills-audit, git subprocess calls, and local helper scripts. The skill explicitly states it will not execute audited skill code. It does perform controlled subprocess calls (git, git diff) and may make an optional remote MD5 query to QianXin SafeSkill when the user enables that feature.
Install Mechanism
No install spec or remote downloads are present; this is an instruction+script package that relies on the local Python runtime and git. Nothing in the package fetches or extracts arbitrary external code by default.
Credentials
The skill requests no environment variables or credentials by default. It can optionally use a user-supplied QianXin token (kept in config/intelligent.json) to query remote intel by bundle MD5; that is reasonable for an opt-in threat-intel feature but is the only remote-credential requirement. The tool will read the entire workspace/skills tree and write logs/snapshots under ~/.openclaw/skills-audit, which can contain snippets of code and file paths—so log contents are sensitive and proportional to its function.
Persistence & Privilege
always:false and the skill does not auto-create system-wide cron jobs. It writes only to its own directory under the user's home (~/.openclaw/skills-audit) and manages its own baseline/log files. It does not request elevated system privileges or modify other skills' configurations.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skills-audit - 安装完成后,直接呼叫该 Skill 的名称或使用
/skills-audit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.3
Clarify audit scope, improve safe notification behavior, and refine risk/semantic handling
v1.4.1
Restore display name to Skills Audit
v1.4.0
**v1.4.0 – Changelog**
- Updated version to 1.4.0 and synchronized documentation (SKILL.md, SKILL_zh-CN.md) for consistency.
- Enhanced risk rule configuration in `config/risk-rules.json`.
- Improved logging schema and log handling in `log-template.json`.
- Refined documentation for scripts and usage in `scripts/README.md`.
- Made significant updates to main scripts (`scripts/skills_audit.py`, `scripts/skills_watch_and_notify.py`) to improve audit, monitoring, and notification reliability.
- General improvements to static analysis robustness and notification clarity.
v1.3.2
fix: show file details for newly added/removed skills in notifications, not just changed ones
v1.3.1
fix: exclude risk-rules.json from QianXin upload zip to prevent self-flagging as extreme
v1.3.0
feat: integrate QianXin SafeSkill remote scanning — QianXin-first with transparent local fallback, zero new dependencies
v1.2.0
v1.2.0: context-aware risk scoring, file-level diff with git snapshots, baseline approval, SHA-256 integrity, externalized risk rules with 14 categories, auto-start directive
v1.1.6
fix: correct display name to skills-audit
v1.1.5
fix: skip risk-rules.json during scan to avoid self-flagging as extreme risk
v1.1.4
feat: context-aware risk scoring with 10 skill profiles — skills are now evaluated based on their intended purpose, dramatically reducing false positives
v1.1.3
fix: remove overly broad CODE_INJECTION patterns (backtick, ${ , $( , {{ ) that caused false positive high-risk on normal Markdown files
v1.1.2
fix: remove dangerous keyword literals from Python code to avoid false positive flagging by security scanners
v1.1.1
v1.1.1: externalize risk rules to config/risk-rules.json with 14 categories and 200+ threat detection needles
v1.1.0
v1.1.0: SHA-256 integrity, file-level diff with git snapshots, baseline approval, notification template extraction, auto-start directive, show command for human-readable summaries, Python version check
v1.0.3
Publish a fresh 1.0.3 release alongside the new clean slug.
v1.0.2
Republish under original slug with clean package after removing flagged earlier history.
v1.0.1
Remove bundled _meta.json and republish clean package.
v1.0.0
Initial publish: static security audit, append-only logs, and change monitoring notifications.
元数据
常见问题
Skills Audit 是什么?
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity). 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 268 次。
如何安装 Skills Audit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skills-audit」即可一键安装,无需额外配置。
Skills Audit 是免费的吗?
是的,Skills Audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skills Audit 支持哪些平台?
Skills Audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skills Audit?
由 ucloud-securiry(@ucloud-sec)开发并维护,当前版本 v1.5.3。
推荐 Skills