by 安全扫描
OpenClaw
可疑
medium confidence技能行为(监控、备份、重启、回滚)与描述一致,但元数据缺少必需配置,脚本包含硬编码开发者账号和外部 Matrix 目的地——此不匹配和出站通知应在安装前审查。
评估建议
在审查和编辑脚本及服务文件前,不得安装或启用此服务。具体:
- 将 SESSION_FILE 修改为指向您自己的代理/会话文件(SKILL.md 重复警告这是必需的)。元数据未声明 SESSION_FILE 是一个疏漏——应视为必需。
- 用您自己的账号/目标替换硬编码的 --account huoxiaoxing 和 Matrix 目的地 (!HwJBqEut...:matrix.local),或如果您不想要外部通知则删除消息发送行。
- 验证 OPENCLAW_BIN 是否正确适用于您的系统,并在脚本自动重启网关之前手动测试重启/状态命令。
- 检查和控制备份和日志文件的权限(它们可能包含配置或敏感元数据)。确保备份存储在您信任的位置。
- 在安全环境(非生产)中手动测试脚本,并在安装 systemd 之前先运行它。仅在修改 User、ExecStart/Stop、WorkingDirectory 和 Environment 条目后才复制服务文件到 /etc/systemd/system。
- 如果您对外部通知不放心,移除或禁用消息发送调用,依赖您控制的本地日志记录/电子邮件。...详细分析 ▾
⚠ 用途与能力
The skill's stated purpose (monitor openclaw.json, backup, restart, rollback) aligns with the provided script. However the registry metadata lists no required environment variables or credentials, while SKILL.md and the script require a SESSION_FILE and expect an OpenClaw binary path. The omission of these required configuration items from metadata is an incoherence.
⚠ 指令范围
The runtime instructions (and included guard.sh) do more than file-watching: they read ~/.openclaw openclaw.json and a SESSION_FILE to detect message activity, write backups and logs, restart the gateway via an OpenClaw binary, and send status messages to a hard-coded Matrix ID. The external notifications and hard-coded account (--account huoxiaoxing) are outside what a minimal 'config guard' would need and constitute unexpected external communications.
ℹ 安装机制
This is an instruction-only skill with included scripts (no download/install spec). Installation requires copying a service file into /etc/systemd/system (requires sudo) and marking the script executable—normal for a persistent daemon but it gives the script persistent presence on the system once installed.
⚠ 凭证需求
Although the registry lists no required env vars/credentials, SKILL.md and guard.sh require and reference SESSION_FILE, OPENCLAW_BIN, and other env vars. The script also hard-codes an agent/account name ('huoxiaoxing') and a Matrix target (!HwJBqEut...:matrix.local) for outbound messages. Requesting no declared credentials but performing outbound network notifications (using someone else's account/target) is disproportionate and unexpected.
ℹ 持久化与权限
The skill does not set always:true and is user-invocable. If installed as instructed, it becomes a systemd-managed persistent service (auto-restarting) running as the configured User. That persistence is normal for a daemon but combined with the above issues increases potential blast radius if misconfigured.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/3/12
- No code or documentation changes in this release. - Version bumped to 1.0.1 with no changes detected.
● 可疑
安装命令 点击复制
官方npx clawhub@latest install continuous-openclaw-config-guard
镜像加速npx clawhub@latest install continuous-openclaw-config-guard --registry https://cn.clawhub-mirror.com
技能文档
功能描述
监控openclaw.json 文件的修改,编辑前备份,重启网关,若在可配置超时内无消息则自动回滚。使用指南
- 配置 SESSION_FILE:确保指向您自己的代理/会话文件。
- 修改硬编码账号:替换为您自己的账号或目标。
- 手动测试:在安装服务前确保脚本在安全环境中正常运行。
# 示例:手动运行脚本(路径根据实际情况调整)
./config_guard.sh
注意
- 请确保
OPENCLAW_BIN正确指向您的系统路径。 - 在生产环境使用前,确保所有命令和备份机制正常工作。
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制