安全扫描
OpenClaw
安全
high confidenceThe skill's code and runtime instructions match its stated purpose (recursively validating .json files) and there are no requests for unrelated credentials, network access, or unusual install steps.
评估建议
This skill appears to do exactly what it says: recursively read .json files and report syntax errors. Before installing or running it, consider: 1) it will read any .json files in the workspace (so it can see JSON-formatted secrets/configs); 2) the bundled code runs under node — review index.js and scripts/test.js yourself or run them in a sandbox/container if you are unsure; 3) there is no network activity in the code, and no external downloads are performed, which reduces risk; 4) if you want ...详细分析 ▾
✓ 用途与能力
Name and description match the delivered code: index.js and SKILL.md implement a recursive workspace scan for .json files and validate them with JSON.parse(). No extra binaries, env vars, or unrelated capabilities are requested.
✓ 指令范围
SKILL.md instructs running the included Node script to scan a directory. The implementation reads filesystem directories and files, parses JSON, and emits a report. It does not access the network, other processes, or system credentials. It will read any .json files in the workspace (which is expected for this purpose).
✓ 安装机制
There is no install spec or external download; this is essentially an instruction-only skill with bundled scripts. package.json declares no dependencies. Risk from installation is minimal because nothing is fetched from remote sources.
✓ 凭证需求
The skill declares no required environment variables or credentials and the code does not read env vars. Note: because it scans the workspace, it can read any JSON files present — including files that may contain secrets (e.g., credentials stored as JSON). This access is coherent with the skill's purpose but is something the user should be aware of.
✓ 持久化与权限
Flags are default (always: false). The skill does not modify other skills or global agent configuration. It can be invoked autonomously by the agent (platform default), but that is not a unique privilege for this skill.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/2/16
● 无害
安装命令 点击复制
官方npx clawhub@latest install json-linter
镜像加速npx clawhub@latest install json-linter --registry https://cn.clawhub-mirror.com
技能文档
A simple utility to recursively scan the workspace for .json files and validate their syntax using JSON.parse().
Usage
# Scan the entire workspace (from current working directory)
node skills/json-linter/index.js# Scan a specific directory
node skills/json-linter/index.js --dir path/to/dir
Output
JSON report containing:
scanned_at: Timestamptotal_files: Number of.jsonfiles scannedvalid_files: Number of valid filesinvalid_files: Number of invalid fileserrors: Array of error objects:
path: Relative path to file
- error: Error message (e.g., "Unexpected token } in JSON at position 42")Example Output
{
"scanned_at": "2026-02-14T21:45:00.000Z",
"total_files": 150,
"valid_files": 149,
"invalid_files": 1,
"errors": [
{
"path": "config/broken.json",
"error": "Unexpected token } in JSON at position 42"
}
]
}
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制