← 返回 Skills 市场

Vet Repo

Name: Vet Repo
Author: itsnishi

作者 ItsNishi · GitHub ↗ · v1.1.1 · MIT-0

cross-platform ⚠ suspicious

1253

总下载

当前安装

版本数

在 OpenClaw 中安装

/install vet-repo

功能描述

Scan repository agent configuration files for known malicious patterns

安全使用建议

This looks like a legitimate repo scanner, but take the usual precautions before running code from an unknown source: 1) review scripts/vet_repo.py and scripts/patterns.py yourself to confirm behavior, 2) run the scanner on a copy of the repository or inside an isolated/containerized environment, 3) run it offline if you want to avoid accidental network access from other tools, and 4) be aware the scanner will surface any detected secrets or sensitive lines in its output — consider restricting output storage or scanning only non-sensitive copies. If you want stronger guarantees, inspect the pattern DB for false positives/negatives and run the script under restricted privileges.

功能分析

Type: OpenClaw Skill Name: vet-repo Version: 1.1.1 The 'vet-repo' skill is a security tool designed to scan repository configuration files for malicious patterns, such as prompt injection, hook abuse, and supply chain attacks. The bundle consists of a comprehensive pattern database (patterns.py) and a scanner script (vet_repo.py) that performs static analysis on local files like .claude/settings.json and .mcp.json. While it includes a feature to verify npm/PyPI packages via external registry APIs (registry.npmjs.org and pypi.org), this behavior is transparently documented and serves a legitimate security purpose (detecting typosquatting) rather than data exfiltration.

能力评估

✓ Purpose & Capability

Name/description match the included artifacts: the package ships a Python scanner (scripts/vet_repo.py) and a large pattern DB (scripts/patterns.py) that are directly used to scan agent-related config files. Nothing requested by the skill (no env vars, no external binaries) appears disproportionate to the stated purpose.

ℹ Instruction Scope

SKILL.md instructs the user/agent to run the local Python script against a given PROJECT_ROOT. The scanner reads a defined set of config files (.claude/, .mcp.json, CLAUDE.md, .vscode, .cursor) and supporting skill scripts (.py, .sh) and reports matches. This is consistent with the stated goal, but note it will read arbitrary files under the scan scope and will print matched contents (including any secrets it finds). The instructions do not execute repository code; they only open and inspect files.

✓ Install Mechanism

No install spec or remote downloads are used. The skill is delivered with its Python scripts and runs locally; no external package fetching or archive extraction occurs.

✓ Credentials

The skill requests no environment variables or credentials. The patterns include detections for secrets and sensitive configs (expected for a scanner), but the skill itself does not request access to those secrets or attempt to store them.

✓ Persistence & Privilege

always is false and disable-model-invocation is true (the skill will not be autonomously invoked by the model). The skill does not modify other skills or global agent settings; it only reads repository files and prints a report.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install vet-repo
安装完成后，直接呼叫该 Skill 的名称或使用 /vet-repo 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.1

- Expand pattern database from ~70 to 151 patterns across 15 categories - Add 5 new categories: code_before_review, config_backdoor, memory_corruption, confused_delegation, persistence - New coverage: reverse shells, cloud IMDS, env var hijacking, git hook persistence, macOS launchd/Windows schtasks, dependency confusion, lock file tampering, GitHub Actions poisoning, 16+ obfuscation techniques - Document advisory hook behavior in SKILL.md

v1.1.0

- Added documentation about new advisory PreToolUse hooks in `.claude/settings.json` that warn on dangerous Bash commands and sensitive file writes. - Clarified that these hooks are advisory only and do not block execution by default. - Provided instructions for making the hooks deterministic by changing their return value. - Emphasized that vet-repo remains the primary detection mechanism for repo-level threats. - No changes to code or features; this is a documentation update.

v1.0.0

Initial release: scan repository agent configurations for malicious patterns. - Detects issues in `.claude/settings.json`, skill configs, `.mcp.json`, and agent-related README files. - Produces structured reports with severity levels and actionable recommendations. - Designed for security reviews before trusting or updating repos with agent integrations.

元数据

Slug vet-repo

版本 1.1.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

Vet Repo 是什么？

Scan repository agent configuration files for known malicious patterns. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 1253 次。

如何安装 Vet Repo？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install vet-repo」即可一键安装，无需额外配置。

Vet Repo 是免费的吗？

是的，Vet Repo 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Vet Repo 支持哪些平台？

Vet Repo 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Vet Repo？

由 ItsNishi（@itsnishi）开发并维护，当前版本 v1.1.1。