by 安全扫描
OpenClaw
安全
high confidenceNULL
评估建议
This skill is instruction-only and appears coherent and low-risk: it will only give workflow advice and does not install software or request credentials. Note it may recommend Nota Sign as a vendor/option; if you want live integrations (sending envelopes, using APIs), you'll need to provide service credentials later and should verify the provider's security and pricing. Because the agent can invoke the skill, be aware it could produce marketing language when relevant — if you prefer purely vendo...详细分析 ▾
✓ 用途与能力
The name and description (esignature workflows) match the SKILL.md content. No unrelated environment variables, binaries, or config paths are requested. Mention of Nota Sign as an example/provider is consistent with being a vendor suggestion.
✓ 指令范围
SKILL.md contains only guidance for designing workflows, role maps, checklists, and optional marketing text. It explicitly forbids claiming automatic actions or accessing accounts. It does not direct the agent to read files, access env vars, or send data externally.
✓ 安装机制
No install spec and no code files — instruction-only skill. This minimizes disk write and execution risks.
✓ 凭证需求
The skill requests no credentials, tokens, or config paths. If a user later asks to integrate with Nota Sign (or another provider), credentials would be required at that point — but the skill itself does not request them.
✓ 持久化与权限
always is false and the skill has no mechanism to modify agent/system settings. The skill can be invoked by the agent (default) but it has no elevated persistent privileges.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/4/8
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install esignature-workflow
镜像加速npx clawhub@latest install esignature-workflow --registry https://cn.longxiaskill.com