📦 Network Log Analysis

v1.0.0

Parses device-level syslog directly, with no SIEM required, and guides rsyslog/syslog-ng log forensics and anomaly tracing.

by @vahagn-madatyan (Vahagn Madatyan)
Last updated: 2026/4/1
Security scan
VirusTotal: Suspicious
OpenClaw: Safe (high confidence)
Assessment recommendation
This skill appears coherent for offline syslog forensic work. Before installing, verify how your agent/platform will obtain access to the syslog collector and network devices: provide only read-only SSH/console credentials and limit filesystem access to the collector log directories. Be aware log files may contain sensitive data (IPs, usernames, session identifiers); ensure your agent is not allowed to exfiltrate logs or send them to external endpoints. Because the skill runs shell-style parsing...
Detailed analysis
Purpose and capabilities
The name/description (syslog-based network log analysis) match the instructions and reference materials: examining /etc/rsyslog.conf, /etc/syslog-ng/, /var/log/*, device CLI commands, and using grep/awk/sort is exactly what you'd expect for this task. No unrelated services, binaries, or credentials are requested.
Instruction scope
The SKILL.md explicitly instructs the agent to read collector config files and log directories (e.g., /etc/rsyslog.conf, /var/log/*) and to query devices via CLI (show logging, show ntp). That scope is appropriate for forensic timeline work, but it assumes the agent has SSH/console access and read permissions; ensure any credentials given are least-privilege (read-only). The instructions do not direct data to external endpoints or perform unexpected collection beyond logs and device config/status.
Install mechanism
Instruction-only skill with no install steps, no downloaded artifacts, and no declared dependencies. This is the lowest-risk install posture.
Credential requirements
The skill declares no required environment variables or credentials, which is consistent because it expects direct access to syslog files and device CLIs provided by whatever platform or operator supplies credentials. Users should confirm how the agent/platform will provide SSH/device credentials and that those credentials are scoped to read-only access for the collector and devices.
Persistence and privileges
always: false and no install behavior means the skill does not request permanent presence or elevated platform privileges. The default ability for the agent to invoke the skill autonomously is normal; it is not combined with other risky flags.
Security is layered; review the code before running it.

Runtime dependencies

No special dependencies

Versions

latest · v1.0.0 · 2026/4/1 · Suspicious

Install command

Official: npx clawhub@latest install network-log-analysis
Mirror (accelerated): npx clawhub@latest install network-log-analysis --registry https://cn.longxiaskill.com
Data source: ClawHub · Chinese localization: 龙虾技能库