Security Scan
OpenClaw
Security
Medium confidence: The skill is internally consistent: it delegates AWS Well‑Architected access to the Membrane service/CLI and does not request unrelated credentials or local secrets, but it requires installing a third‑party CLI and trusting Membrane to hold AWS credentials and data.
Assessment recommendations
This skill appears coherent but you should: 1) Confirm you trust Membrane (getmembrane.com) because the service will store/handle AWS credentials and workload data; review their security, privacy, and data retention policies. 2) Inspect the @membranehq/cli npm package (publisher, GitHub repo, recent release notes) before running npm install -g; prefer npx for ephemeral runs if you want to avoid a global install. 3) When connecting AWS, use least‑privilege IAM roles/permissions (create a role sco...
✓ Purpose and capabilities
The name/description (AWS Well‑Architected integration) matches the instructions: all runtime actions use the Membrane CLI to create connections, list and run actions against an AWS Well‑Architected connector. There are no unrelated env vars, binaries, or config paths requested.
ℹ Instruction scope
All runtime instructions are limited to installing/using the Membrane CLI (login, connect, action list/run). The SKILL.md does not instruct reading unrelated files or env vars. It does, however, instruct interactive login flows and directing users to open browser URLs — which will result in credentials being provisioned to Membrane (server‑side).
ℹ Install mechanism
There is no formal install spec in the registry (instruction‑only), but the SKILL.md tells users to run npm install -g @membranehq/cli@latest (or npx in examples). Installing a global npm package is a normal but higher‑privilege operation because install scripts run on the machine; consider using npx or auditing the package before global install.
ℹ Credential requirements
The skill requests no local environment variables or credentials, which is proportionate. However, the workflow explicitly delegates credential management to Membrane — the user will need to authenticate/authorize Membrane to access their AWS Well‑Architected data. That is appropriate for the stated purpose but is a trust/privacy decision (third‑party receives access to AWS/workload metadata).
✓ Persistence and privileges
The skill does not request always:true, does not modify other skills, and is instruction‑only (no files are written by the skill itself). Autonomous invocation (default) is allowed by the platform, but the skill itself does not introduce extra persistent privileges.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Install command
Official: npx clawhub@latest install aws-well-architected
Mirror (accelerated): npx clawhub@latest install aws-well-architected --registry https://cn.longxiaskill.com (mirror available)