Security scan
OpenClaw
Suspicious
Medium confidence: The tool does what it says (repairs loose JSON by evaluating it as JS), but it evaluates file contents inside a Node VM that is not a secure sandbox for untrusted input. The safety claim is misleading, and using this on untrusted files can execute arbitrary code.
Assessment recommendation
This tool will execute the contents of the files you give it inside Node's VM to 'repair' loose JSON. That is functionally powerful but not a secure sandbox: a maliciously crafted file can execute JavaScript that escapes the VM and touches your filesystem or process. Only run this on files you trust. If you need to process untrusted input, consider safer alternatives: use tolerant parsing libraries (json5, strip-json-comments + JSON.parse, jsonc-parser) that don't evaluate code, or run the scrip...
✓ Purpose and capabilities
Name/description match the code and SKILL.md: the script reads .json files (single file or recursive directory), attempts JSON.parse, and falls back to evaluating the content as JavaScript to re-serialize valid JSON. File I/O and backup behavior are consistent with the stated purpose.
⚠ Instruction scope
SKILL.md and index.js instruct the agent to parse malformed JSON by evaluating the file content in a vm context and assert this is safe. In practice, vm.runInContext/vm.Script do not guarantee security against sandbox escapes; evaluating arbitrary file contents can lead to arbitrary JS execution with access to the host environment via known escape patterns (e.g., constructor.constructor / Function() usage). The instructions do not warn users to only run on trusted files or describe the risk.
✓ Installation mechanism
No install spec; tool is instruction/code-only (index.js, package.json, test script). Nothing is downloaded or written during installation — low install risk.
✓ Credential requirements
No credentials, env vars, or external endpoints are requested. The script reads and writes local files (including a recursive directory scan), which is appropriate for a file-repair utility.
✓ Persistence and permissions
Skill is not always-enabled and does not request persistent platform privileges. It modifies only files the user points it at (creates .bak files by default) and exports functions for testing; it does not change other skills or global agent config.
Notes before installing
- Audit files before repair.
- Keep backups (a .bak file is created by default).
- Consider replacing the eval-based fallback with a proper parser or an AST-based approach that does not run code.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/2/16
● Suspicious
Install command
Official: npx clawhub@latest install json-repair-kit
Mirror (accelerated): npx clawhub@latest install json-repair-kit --registry https://cn.clawhub-mirror.com
Skill documentation
A utility to repair broken or "loose" JSON files (like those with trailing commas, single quotes, or unquoted keys) by parsing them as JavaScript objects and re-serializing as valid JSON.
Usage
# Repair a file in place (creates .bak backup)
node skills/json-repair-kit/index.js --file path/to/broken.json
# Repair and save to a new file
node skills/json-repair-kit/index.js --file broken.json --out fixed.json
# Scan directory and repair all .json files (recursive)
node skills/json-repair-kit/index.js --dir config/ --recursive
Supported Repairs
- Trailing Commas: {"a": 1,} -> {"a": 1}
- Single Quotes: {'a': 'b'} -> {"a": "b"}
- Unquoted Keys: {key: "value"} -> {"key": "value"}
- Comments: Removes JS-style comments // (if the parser supports it; standard Node eval may strip them if they are line comments outside of strings).
- Hex/Octal Numbers: 0xFF -> 255
Safety
- Backup: Always creates a .bak file before overwriting (unless --no-backup is used, but the default is safe).
- Validation: Verifies the repaired content is valid JSON before writing.
- Eval Sandbox: Uses vm.runInNewContext to parse, ensuring no access to global scope or process. It is safer than eval().
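The scan's recommendation above is to replace the eval-based fallback with a parser that does not run code. The following is an added example, not json-repair-kit's own code and not the vm-based fallback it ships: a small recursive-descent reader that accepts the loose syntax listed under Supported Repairs (trailing commas, single quotes, unquoted keys, // and /* */ comments, 0x hex numbers; 0o octal support is an assumption about what "Octal" means here) and rejects anything that is not literal data with a SyntaxError, so a file containing JavaScript expressions is refused rather than executed. The function names parseLooseJson and repairLooseJson are my own.

```javascript
// Added example (not json-repair-kit's own code): a tolerant JSON reader that accepts
// the loose syntax listed above without evaluating the input as JavaScript.
const ESCAPES = { n: '\n', t: '\t', r: '\r', b: '\b', f: '\f', '/': '/', '\\': '\\', '"': '"', "'": "'" };

function parseLooseJson(text) {
  let i = 0;
  const fail = (msg) => { throw new SyntaxError(`${msg} at offset ${i}`); };
  // Skip whitespace plus // and /* */ comments (the "Comments" repair).
  function skipSpace() {
    for (;;) {
      while (i < text.length && /\s/.test(text[i])) i++;
      if (text.startsWith('//', i)) { while (i < text.length && text[i] !== '\n') i++; continue; }
      if (text.startsWith('/*', i)) {
        const end = text.indexOf('*/', i + 2);
        if (end < 0) fail('unterminated comment');
        i = end + 2; continue;
      }
      return;
    }
  }
  // Strings may use either quote character (the "Single Quotes" repair).
  function parseString(quote) {
    let out = '';
    for (i++; i < text.length && text[i] !== quote; i++) {
      if (text[i] !== '\\') { out += text[i]; continue; }
      const c = text[++i];
      if (c === 'u') {
        const hex = text.slice(i + 1, i + 5);
        if (!/^[0-9a-fA-F]{4}$/.test(hex)) fail('bad \\u escape');
        out += String.fromCharCode(parseInt(hex, 16)); i += 4;
      } else if (Object.prototype.hasOwnProperty.call(ESCAPES, c)) out += ESCAPES[c];
      else fail(`bad escape \\${c}`);
    }
    if (text[i++] !== quote) fail('unterminated string');
    return out;
  }
  // Decimal, 0x hex and (assumed) 0o octal literals (the "Hex/Octal Numbers" repair).
  function parseNumber() {
    const m = /^[-+]?(0[xX][0-9a-fA-F]+|0[oO][0-7]+|\d+(\.\d+)?([eE][-+]?\d+)?)/.exec(text.slice(i));
    if (!m) fail('bad number');
    i += m[0].length;
    const body = m[0].replace(/^[-+]/, '');
    const n = /^0[xX]/.test(body) ? parseInt(body.slice(2), 16)
      : /^0[oO]/.test(body) ? parseInt(body.slice(2), 8) : Number(body);
    return m[0][0] === '-' ? -n : n;
  }
  // Shared loop for objects and arrays; a trailing comma is tolerated (the "Trailing Commas" repair).
  function parseSeq(close, readItem) {
    for (i++; ; ) {
      skipSpace();
      if (text[i] === close) { i++; return; }
      readItem();
      skipSpace();
      if (text[i] === ',') { i++; continue; }
      if (text[i] === close) { i++; return; }
      fail(`expected ',' or '${close}'`);
    }
  }
  // Keys may be quoted or bare identifiers (the "Unquoted Keys" repair). The object
  // gets a null prototype so a "__proto__" key is stored as plain data, not as a prototype.
  function parseObject() {
    const obj = Object.create(null);
    parseSeq('}', () => {
      const q = text[i], m = /^[A-Za-z_$][\w$]*/.exec(text.slice(i));
      let key;
      if (q === '"' || q === "'") key = parseString(q);
      else if (m) { key = m[0]; i += key.length; }
      else fail('expected object key');
      skipSpace();
      if (text[i++] !== ':') fail("expected ':'");
      obj[key] = parseValue();
    });
    return obj;
  }
  // Only literal data is accepted; identifiers, calls or template strings fail here.
  function parseValue() {
    skipSpace();
    const c = text[i];
    if (c === '{') return parseObject();
    if (c === '[') { const arr = []; parseSeq(']', () => arr.push(parseValue())); return arr; }
    if (c === '"' || c === "'") return parseString(c);
    if (text.startsWith('true', i)) { i += 4; return true; }
    if (text.startsWith('false', i)) { i += 5; return false; }
    if (text.startsWith('null', i)) { i += 4; return null; }
    if (c === '-' || c === '+' || (c >= '0' && c <= '9')) return parseNumber();
    return fail(`unexpected input ${JSON.stringify(c === undefined ? 'EOF' : c)}`);
  }
  const value = parseValue();
  skipSpace();
  if (i !== text.length) fail('unexpected trailing input');
  return value;
}

// Re-serialise as strict JSON: the result the eval fallback aims for, reached without running the file.
function repairLooseJson(text) {
  return JSON.stringify(parseLooseJson(text), null, 2);
}
```

Because the reader never hands the file to a JavaScript engine, there is no VM boundary to escape: an input such as {a: (1 + 1)} is a SyntaxError at the parenthesis, and a "__proto__" key ends up as an ordinary own property rather than altering the prototype chain of anything. Dropping this in place of the vm.runInNewContext fallback keeps the .bak and validation steps unchanged.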
Data source: ClawHub ↗ · Chinese localization: 龙虾技能库
OpenClaw skill customization / plugin customization / private workflow customization
Free skills or plugins may carry security risks; for a better-matched and more secure solution, consider contacting us for paid customization.