📦 Massat Security Audit — Security Protection Tool

v1.0.0

Security audit for multi-agent AI systems - OWASP ASI01-ASI10

Security scan
VirusTotal
Harmless
OpenClaw
Suspicious
medium confidence
Instruction-only audit skill that mostly matches its stated purpose (calling an external audit API) but contains unexplained permissions and payment/token handling and lacks provenance, so proceed with caution.
Assessment recommendations
This skill is an instruction-only wrapper around an external audit API (craigmbrown.com / BlindOracle). Before installing: 1) Confirm the vendor (craigmbrown) and service reputation and review the privacy policy — the skill will send targets (repo URLs) over the network and could expose code or metadata. 2) Clarify payment handling: who provides the X-Payment token, how it's stored, and whether it should be supplied via a secure env var rather than embedded. 3) Ask why file_read permission is de...
Detailed analysis
Purpose and capability
The SKILL.md describes a MASSAT/BlindOracle network-based audit service and the shown curl examples align with that purpose. However the skill metadata in the runtime instructions declares file_read permission (but the examples never show reading local files), and the registry metadata lists no required env vars while the service requires an ecash payment header for paid audits. The missing homepage/source and an opaque owner ID are additional provenance gaps.
Instruction scope
The instructions are narrow: POST a target repo URL to an external API and receive an audit report. They do not instruct reading unrelated system files or environment variables. That said, the declared permission set (network + file_read) is broader than what the examples use, and some claims (e.g., 'validate Microsoft AGT runtime governance') are vague and not mapped to concrete steps.
Install mechanism
No install spec and no code files (instruction-only). This minimizes on-disk footprint and install-time risk.
Credential requirements
Registry declares no required env vars, yet the SKILL.md requires a payment header (X-Payment: x402) for full audits. The skill also declares file_read permission without showing why it is needed. Sending repository URLs or potentially uploading code to an external endpoint (craigmbrown.com) is sensitive — the skill requests network access and possibly file reads that could expose secrets if the implementation were to upload or read local repos.
Persistence and privileges
always is false and there is no install-time persistence. Autonomous invocation is allowed (platform default) but not combined with other high privileges in the manifest.
Security is layered; review the code before running.

Runtime dependencies

No special dependencies

Install command

Official: npx clawhub@latest install massat-security-audit
Mirror (accelerated): npx clawhub@latest install massat-security-audit --registry https://cn.longxiaskill.com
Data source: ClawHub · Chinese localization: 龙虾技能库 (Lobster Skill Library)