Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
This skill appears to implement the claimed remote-signer architecture, but several things to check before installing:
- Required tools: the manifest lists no required binaries, but the scripts need Docker/docker-compose, lnd/lncli, jq, curl, openssl, tar/base64 (and git/Go if building from source). Make sure those are installed and that you trust them.
- Sensitive outputs: the setup and export scripts write the seed mnemonic and wallet passphrase to disk (~/.lnget/signer) and export an admin m...
ℹ Purpose and capabilities
The name and description (remote lnd signer) match the provided scripts and templates. However, the registry metadata declares no required binaries or environment variables, while the scripts clearly require Docker/docker-compose, lnd/lncli, jq, openssl, curl, tar/base64, and (for --source) git and Go. That discrepancy (metadata says 'none' but the scripts need many tools) is an inconsistency the user should be aware of.
⚠ Instruction scope
The runtime instructions and scripts create and store sensitive material on the signer host (seed mnemonic, wallet passphrase, TLS cert, admin macaroon), copy files into containers, and produce a base64-encoded credentials bundle intended for transfer to the agent. Exporting the admin macaroon by default (admin.macaroon) grants full RPC privileges and is a risky default. Scripts also source helper scripts from ../lib (e.g., lib/rest.sh, lib/config-gen.sh) that are not included in the manifest — sourcing external shell code is a notable point of trust and potential supply-chain concern.
ℹ Installation mechanism
There is no formal install spec (instruction-only), which is lower-risk in the sense nothing is automatically downloaded by the platform. The scripts do pull the public Docker image lightninglabs/lnd:v0.20.0-beta (a known public repo) and optionally clone/build from GitHub — these are expected for this purpose. No arbitrary/personal download URLs or obfuscated fetches were found.
⚠ Credential requirements
The skill declares no required env vars or credentials, yet the scripts read and respect several environment variables (LNGET_SIGNER_DIR, LND_SIGNER_DIR, LND_IMAGE, LND_VERSION, etc.) and require access to Docker/socket and filesystem paths in the user's home. The skill will create and store secret material (seed, wallet-password.txt) under ~/.lnget/signer. It also exports an admin macaroon into the bundle; asking for or producing an admin macaroon without declaring/justifying privileged access is disproportionate.
⚠ Persistence and permissions
always:false (good), and there is no installation step that permanently modifies other skills. However the scripts will write secrets and configs to disk (~/.lnget/signer, ~/.lnd-signer), create Docker containers/volumes, and copy sensitive files into containers. Combined with autonomous invocation being allowed by default, the skill could be used to create/export credentials bundles programmatically — a capability with high blast radius if invoked on an untrusted agent or if output is exfiltrated.
Security has layers; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/2/11
● Suspicious
Install command
Official: npx clawhub@latest install lightning-security-module
Mirror (accelerated): npx clawhub@latest install lightning-security-module --registry https://cn.longxiaskill.com