← 返回 Skills 市场
moxin1044

threatbook-skills

作者 末心 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
145
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install threatbook-skills
功能描述
集成微步在线威胁情报API,提供文件上传分析、文件信誉查询、多引擎检测、IP信誉查询和失陷检测能力;当用户需要分析可疑文件、查询文件威胁情报、检测IP安全状态或排查主机失陷风险时使用
安全使用建议
This skill appears to do what it claims: it calls ThreatBook APIs and requires a ThreatBook API key. Before installing, consider: 1) Do not upload sensitive or private files — file_upload.py transmits file bytes to an external service. 2) Set THREATBOOK_API_KEY in your environment (most scripts read it), but note ip_reputation.py requires an --api_key CLI argument (SKILL.md examples omitted this) — either pass the key on the command line or edit the script to read the env var. 3) Confirm you obtained the API key from the official ThreatBook site (api.threatbook.cn) and understand rate limits and data retention policies. 4) If you want stricter safety, review/modify the scripts to avoid uploading files you cannot share, and prefer using hashed queries (file_report/file_multiengines) rather than uploading full binaries.
功能分析
Type: OpenClaw Skill Name: threatbook-skills Version: 1.0.0 The skill bundle is a legitimate integration for the ThreatBook (微步在线) threat intelligence platform. The scripts in the `scripts/` directory (such as `file_upload.py`, `ip_reputation.py`, and `file_report.py`) correctly implement the functionality described in `SKILL.md` by interacting with official ThreatBook API endpoints (api.threatbook.cn). There is no evidence of data exfiltration, malicious execution, or prompt injection; the file upload capability is consistent with the stated purpose of security analysis.
能力评估
Purpose & Capability
Name/description, required env var (THREATBOOK_API_KEY), and the included scripts all align: file upload/report, multi-engine, IP reputation, and DNS compromise use ThreatBook endpoints. The requested credential is what this integration needs.
Instruction Scope
SKILL.md directs the agent to run the provided scripts and to supply the API key. All scripts call api.threatbook.cn and only transmit the data required for those queries. Note: file_upload.py will send raw file contents to the external ThreatBook service (expected for this feature) — users should avoid uploading sensitive files. Also SKILL.md examples for the IP script omit the required --api_key argument, causing a small mismatch between docs and code.
Install Mechanism
No install spec; dependency is only requests==2.28.0 declared in the SKILL.md. There are no downloads from arbitrary URLs or archive extraction; risk from installation is low.
Credentials
Only THREATBOOK_API_KEY is declared as required (primary credential) which is proportional. One script (ip_reputation.py) accepts an --api_key CLI argument rather than reading the env var, which is an inconsistency but not a privilege escalation. No unrelated credentials, config paths, or suspicious environment access are requested.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or system settings. It does not request persistent elevated privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install threatbook-skills
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /threatbook-skills 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of threatbook-skills, providing integration with 微步在线 (ThreatBook) threat intelligence API. - Supports file upload and analysis for suspicious files. - Allows reputation queries for files using hash values. - Provides multi-engine antivirus scan reports. - Enables IP reputation query and context. - Includes domain/IP compromise detection functionality. - Requires THREATBOOK_API_KEY for API access.
元数据
Slug threatbook-skills
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

threatbook-skills 是什么?

集成微步在线威胁情报API,提供文件上传分析、文件信誉查询、多引擎检测、IP信誉查询和失陷检测能力;当用户需要分析可疑文件、查询文件威胁情报、检测IP安全状态或排查主机失陷风险时使用. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 145 次。

如何安装 threatbook-skills?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install threatbook-skills」即可一键安装,无需额外配置。

threatbook-skills 是免费的吗?

是的,threatbook-skills 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

threatbook-skills 支持哪些平台?

threatbook-skills 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 threatbook-skills?

由 末心(@moxin1044)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论