by 安全扫描
OpenClaw
安全
high confidenceThe packet is internally coherent for its stated purpose (read‑only local Switchyard MCP diagnostics); it is instruction-only but requires cloning and running a GitHub repository with pnpm — review the repo and run in an isolated environment before executing.
评估建议
This packet is coherent for local, read-only Switchyard diagnostics, but it requires cloning and running a third-party GitHub repo with pnpm. Before installing or following its instructions: 1) review the referenced repository (package.json scripts, pnpm install effects, any postinstall hooks) to ensure you trust it; 2) run the demo in an isolated environment (container or VM) to limit blast radius; 3) replace /ABSOLUTE/PATH/TO/SWITCHYARD carefully and avoid running commands as root; 4) if you c...详细分析 ▾
✓ 用途与能力
Name/description match the contents: the skill is a read-only diagnostics packet that teaches an agent how to attach a local MCP server and run specific read-only queries. Nothing in the files asks for unrelated credentials, system-wide config, or capabilities beyond starting and querying a local MCP surface.
ℹ 指令范围
SKILL.md and references direct the agent to clone a GitHub repo and run pnpm scripts to launch a local MCP server, then call read-only MCP tools. This stays within the stated diagnostics scope, but it does instruct executing code from an external repository and running local commands (pnpm install/run), which can have side effects if the repository or its scripts are malicious or untrusted.
ℹ 安装机制
No install spec in the skill bundle itself (instruction-only). The instructions rely on cloning a third-party GitHub repo and running pnpm, which is a common but higher-risk install approach because it pulls and executes upstream code. The repo URL is explicit (github.com/xiaojiou176-open/Switchyard.git) — not a shortener or IP, but you should verify the repo before cloning and running.
✓ 凭证需求
The skill declares no required environment variables, no credentials, and no config paths beyond repo-local MCP config snippets. The requested access is proportional to the stated task: launching and querying a local read-only runtime. There are no unrelated secrets requested.
✓ 持久化与权限
always is false and the packet is instruction-only; it does not request persistent presence or modification of other skills. Autonomous invocation is allowed by default (platform behavior) but not unusual here and not combined with other privilege escalation indicators.
⚠ references/OPENCLAW_MCP_CONFIG.json:11
Install source points to URL shortener or raw IP.
⚠ references/OPENHANDS_MCP_CONFIG.json:10
Install source points to URL shortener or raw IP.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/4/9
Initial release of switchyard-runtime-diagnostics skill: - Provides installation and usage instructions for Switchyard's read-only MCP runtime diagnostics. - Details safe tools for examining runtime and catalog state without making changes. - Guides diagnosis of providers and runtime boundaries, with specific guardrails for safety. - Includes step-by-step references for configuration and troubleshooting. - Emphasizes read-only, diagnostic use to ensure claims stay partial and non-disruptive.
● 可疑
安装命令 点击复制
官方npx clawhub@latest install switchyard-runtime-diagnostics
镜像加速npx clawhub@latest install switchyard-runtime-diagnostics --registry https://cn.clawhub-mirror.com
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制