Security scan
OpenClaw
Suspicious
high confidence
The SKILL.md requires privileged tool access (reading/writing platform files, sessions_send/message, sessions_history) and direct reads of /root/.openclaw/openclaw.json but the package/registry metadata do not declare those permissions or config paths — this mismatch and the instructions to broadcast file contents/private history are concerning.
Assessment recommendations
Before installing, ask the publisher to explicitly declare the exact permissions and config paths (openclaw.permissions / required tools) in package.json and registry metadata. Request justification for (a) reading /root/.openclaw/openclaw.json, (b) using sessions_history to fetch private agent chat history, and (c) broadcasting file contents / full absolute paths to group chats. If you must test, run in an isolated environment and restrict the skill's tool permissions to the minimum subset you ...
⚠ Purpose and capability
The skill's stated purpose (multi-agent collaboration) reasonably needs tools like read/write and sessions_send/message, but the package.json and registry metadata do not declare any required permissions or config paths. That omission is inconsistent: SKILL.md explicitly requires tool permissions and access to platform config files, yet the skill advertises no such requirements.
⚠ Instruction scope
The runtime instructions direct agents to force-read files under /root/.openclaw/shared and (explicitly allowed) /root/.openclaw/openclaw.json, to invoke sessions_history for upstream private/chat history, and to broadcast ACKs/errors and absolute file paths into group chats. These actions can expose sensitive contents or private agent histories; the SKILL.md gives broad, immediate data-access directives rather than limited/consented reads.
✓ Install mechanism
This is an instruction-only skill with no install spec and no code files, which minimizes direct supply-chain risk. There are no download URLs or archive extracts to evaluate.
⚠ Credential requirements
No environment variables or credentials are declared, but the skill requires access to privileged runtime tools and to platform config files that may contain routing/account info. Requiring sessions_history and reading openclaw.json are high-privilege operations that are not reflected in the declared metadata.
ℹ Persistence and privileges
always:false (default) and model invocation is allowed (also default). The skill does not request permanent installation or claim to modify other skills, so persistence is not itself a red flag — but autonomous invocation combined with the other concerns increases potential impact.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v1.4.1 2026/3/21
Added explicit support and syntax examples for Feishu/Lark @mentions in Precision Mentions rule
● Benign
Install command
Official: npx clawhub@latest install advanced-collab-protocol
Mirror: npx clawhub@latest install advanced-collab-protocol --registry https://cn.clawhub-mirror.com
Data source: ClawHub · Chinese localization: 龙虾技能库