← 返回 Skills 市场
Skill Auditor
作者
ucloud-securiry
· GitHub ↗
· v1.0.3
· MIT-0
99
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install skills-auditor
功能描述
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity). Requires Python ≥3.9 and git.
安全使用建议
This skill appears to do what it claims: local static scanning, git snapshots, baseline approval, and append-only logging. Before installing or enabling it: (1) Inspect and confirm the log/snapshot path (~/.openclaw/skills-audit) and set filesystem permissions so only authorized users can read it, because logs may include snippets from scanned files (including secrets if present). (2) Run the scanner manually once in a controlled environment to observe outputs before allowing automated cron runs. (3) Do not allow the Agent to auto-create cron jobs; follow the SKILL.md guidance to create any scheduled tasks manually after review. (4) If you need absolute assurance that no network calls occur, review the scripts for any added dependencies or changes (the shipped code currently avoids HTTP clients). (5) If you plan to audit sensitive or production skills, consider running the scan inside a sandboxed account or VM and rotate access to the audit directory. All of the notable static 'dangerous' strings are detection rules (expected) rather than evidence of outbound network/exfiltration behavior.
功能分析
Type: OpenClaw Skill
Name: skills-auditor
Version: 1.0.3
The skills-auditor bundle is a security utility designed to perform static analysis, integrity monitoring, and change tracking for OpenClaw skills. The core logic in scripts/skills_audit.py and scripts/skills_watch_and_notify.py is transparent, uses only Python standard libraries, and contains no network-outbound code, ensuring that audit data and code diffs remain local. The SKILL.md instructions include safety-oriented 'Agent Directives' that specifically prevent the AI from automatically creating cron jobs or leaking raw sensitive diffs to external channels without user consent. The risk-scanning patterns in the config files are correctly implemented as detection signatures rather than executable payloads.
能力标签
能力评估
Purpose & Capability
Name/description (security audit, file diff, SHA-256, baseline approval) match the included Python scripts and JSON config. Requested runtime (Python ≥3.9 and git) is exactly what the tool needs for local scanning, git snapshots, and logging. The presence of risk patterns and rules (network / dangerous-command needles) is appropriate for a scanner that must detect those strings.
Instruction Scope
The SKILL.md and the scripts consistently describe a local static-analysis workflow: reading files under workspace/skills, running git subprocesses, computing hashes, and appending NDJSON logs. The skill explicitly states it will not execute audited skill code. Important privacy note: the scanner reads skill files and stores snippets/evidence and extracted domains in logs; these logs (and git snapshots) may therefore contain sensitive data if any audited skill stores secrets in files. The SKILL.md enforces use of a 'show' command and warns against pushing full diffs by default — consistent with safer behavior, but users should confirm that logs and snapshots are protected.
Install Mechanism
No remote install/downloads or third-party package installs are declared. The package is instruction + local Python scripts (no install spec). That is the lowest-risk install pattern for this kind of tool.
Credentials
The skill requests no environment variables, credentials, or external endpoints. That is proportionate. However, the scanner intentionally looks for sensitive-path patterns (e.g., ~/.ssh, aws keys) and will record evidence snippets and domains — so while it doesn't require your secrets, it may surface and store them if they are present in audited skill files. Users should restrict file-system access to the audit directory and logs (~/.openclaw/skills-audit).
Persistence & Privilege
The skill does not set always:true and does not attempt to modify other skills' configuration. It writes its own state/logs/snapshots under ~/.openclaw/skills-audit and has commands to create/manage baseline approvals; those are expected behaviors for an audit tool. The SKILL.md explicitly instructs agents not to auto-create cron jobs, which reduces unwanted persistence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skills-auditor - 安装完成后,直接呼叫该 Skill 的名称或使用
/skills-auditor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
Clear responsibility boundary: scripts contain no network/HTTP/model code; Agent semantic understanding is Agent-level capability governed by Agent deployment policies
v1.0.2
Clarify semantic analysis dual-layer architecture: built-in rule engine (baseline) + Agent LLM (enhancement). Add data privacy section for private vs cloud deployments. Skill itself initiates no network requests.
v1.0.1
Remove all LLM/Agent references from semantic analysis: clarify it is a pure local rule engine (regex + keyword scoring), no model API calls, no code leaves the process. Add privacy guarantee statement.
v1.0.0
Initial release of Skill Auditor
元数据
常见问题
Skill Auditor 是什么?
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity). Requires Python ≥3.9 and git. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 99 次。
如何安装 Skill Auditor?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skills-auditor」即可一键安装,无需额外配置。
Skill Auditor 是免费的吗?
是的,Skill Auditor 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skill Auditor 支持哪些平台?
Skill Auditor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Auditor?
由 ucloud-securiry(@ucloud-security)开发并维护,当前版本 v1.0.3。
推荐 Skills