← 返回 Skills 市场
krishnakumarmahadevan-cmd

Suspicious File Scanner

作者 ToolWeb · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
118
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install suspicious-file-scanner
功能描述
Analyzes uploaded files to detect suspicious characteristics and potential security threats.
安全使用建议
This skill appears to do what it says (scan files) but it transmits uploaded files to an external service (api.mkkpro.com/toolweb.in) with no authentication or privacy details in the SKILL.md. Before installing: (1) Do not upload sensitive or proprietary files unless you verify the vendor and their privacy/retention policy. (2) Confirm whether the API requires an API key or account and how data is stored/retained/encrypted. (3) Test with harmless sample files first. (4) Prefer scanning services you control or that provide on-premise agents if data confidentiality matters. (5) If possible, disable autonomous invocation or require user confirmation before the agent sends files externally. (6) Verify TLS endpoints and domain ownership (toolweb.in / api.mkkpro.com) and review the provider's terms and privacy policy.
功能分析
Type: OpenClaw Skill Name: suspicious-file-scanner Version: 1.0.0 The skill defines an API for scanning files by uploading them to a remote endpoint (api.mkkpro.com). While this aligns with the stated purpose of a 'Suspicious File Scanner,' it inherently facilitates the exfiltration of potentially sensitive local files to a third-party service. There is no explicit evidence of malicious intent or prompt injection in SKILL.md, but the requirement to transmit binary data to an external server poses a significant privacy and security risk for an automated agent.
能力评估
Purpose & Capability
Name, description, and the included OpenAPI schema align: the skill is an instruction-only wrapper describing a file-scanning API (POST /scan-file). There are no unrelated binaries, env vars, or installs requested, so the declared capability is consistent with requirements.
Instruction Scope
Runtime instructions explicitly tell the agent (and users) to upload files via multipart/form-data to an external endpoint (api.mkkpro.com). For a scanner this is expected, but the SKILL.md gives no details about authentication, retention, privacy, encryption, or allowed data types; it therefore instructs transmission of potentially sensitive files to an external service without safeguards.
Install Mechanism
No install spec and no code files — the skill is instruction-only, which minimizes local code execution risk. There is nothing being downloaded or written to disk by an installer.
Credentials
The skill requires no environment variables or credentials. However, the pricing and documentation references imply a third-party service that may require account/auth in practice; the SKILL.md does not explain authentication or access controls. The absence of declared credentials reduces immediate risk but also omits how the service enforces usage and protects uploaded data.
Persistence & Privilege
always:false (normal). Autonomous invocation is allowed by default — combined with the instruction to upload files to an external endpoint, autonomous use increases the blast radius because an agent could send files without explicit user confirmation. This is a contextual risk rather than a direct misconfiguration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install suspicious-file-scanner
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /suspicious-file-scanner 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of Suspicious File Scanner. - Provides API to scan uploaded files for suspicious characteristics and potential threats. - Returns detailed analysis, including threat indicators, confidence scores, and recommendations. - Simple integration via multipart/form-data endpoint. - Free and paid usage plans available.
元数据
Slug suspicious-file-scanner
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Suspicious File Scanner 是什么?

Analyzes uploaded files to detect suspicious characteristics and potential security threats. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 118 次。

如何安装 Suspicious File Scanner?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install suspicious-file-scanner」即可一键安装,无需额外配置。

Suspicious File Scanner 是免费的吗?

是的,Suspicious File Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Suspicious File Scanner 支持哪些平台?

Suspicious File Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Suspicious File Scanner?

由 ToolWeb(@krishnakumarmahadevan-cmd)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论