📦 Active — 活跃
v0.2.0Defense Sentinal 用于 OpenClaw、Hermes Agent、主机完整性及 OpenClaw skill-supply-chain 扫描的防御性分类技能。可检测 prompt injection、会话漂移、上下文...
0· 18·0 当前·0 累计
by 下载技能包
最后更新
2026/4/21
安全扫描
OpenClaw
安全
medium confidenceThe skill's stated purpose (defensive triage and pre-install skill scanning) matches the instructions and there are no declared credentials or install steps, but it assumes external tools and an environment variable without declaring them — worth reviewing before use.
评估建议
This is an instruction-only defensive skill whose behavior and constraints are internally consistent, but review these before installing/using: 1) Source and provenance: the package has no homepage/source repo listed — prefer published code from a known origin before trusting automated quarantine actions. 2) Toolchain assumptions: the workflow references external tools (`uv`, `skill-scanner`, `npx clawhub`) and an env var ($OPENCLAW_WORKSPACE_DIR) that are not declared; ensure those tools are th...详细分析 ▾
✓ 用途与能力
Name/description (defensive triage, skill supply-chain scanning, host checks) align with the instructions: scanning candidate skills, checking session health, collecting evidence, and quarantining installed skills. The use of a skill-scanner and clawhub staging is coherent with the stated supply-chain scanning purpose.
ℹ 指令范围
SKILL.md instructs reading local OpenClaw state, logs, session transcripts, and scanning/moving skill directories. These actions are within the declared purpose but include filesystem reads and (on High/Critical findings) moving installed skill directories into a quarantine path. The document repeatedly states destructive/mutating actions require explicit authorization and prefers read-only by default, which constrains scope. One minor inconsistency: it references $OPENCLAW_WORKSPACE_DIR for staging but the skill does not declare that env var.
ℹ 安装机制
There is no install spec (instruction-only) which minimizes upfront disk writes. However runtime instructions call out external commands (e.g., `uv run skill-scanner` and `npx -y clawhub`) that will fetch/execute external tools at runtime if not present. This is expected for a scanner/staging workflow but is worth awareness because it implies network fetches when invoked.
ℹ 凭证需求
The skill declares no required env vars or credentials (appropriate for a defensive doc). SKILL.md nevertheless references $OPENCLAW_WORKSPACE_DIR in the staging workflow; that env var is not declared. No secrets, cloud keys, or unrelated credentials are requested, which is proportionate.
✓ 持久化与权限
The package has no install-time persistence, does not request 'always: true', and explicitly states 'no stealth, no persistence' and that mutations require explicit user approval. Autonomous invocation is enabled (platform default) but there is no evidence the skill demands elevated, always-on privileges.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.2.02026/4/21
Publish release 0.2.0 for active-defense-sentinal. Includes defensive triage policy, OpenClaw/Hermes/host adapters, and the skill-supply-chain scanner workflow.
● 无害
安装命令
点击复制官方npx clawhub@latest install active-defense-sentinal
镜像加速npx clawhub@latest install active-defense-sentinal --registry https://cn.longxiaskill.com