by 安全扫描
OpenClaw
安全
medium confidenceNULL
评估建议
This skill appears to do what it says: inject virtual files and send Telegram notifications by reading your OpenClaw config and workspace. Before installing or enabling it: (1) Inspect ~/.openclaw/openclaw.json to see what tokens would be accessible — the example extracts botToken via regex from that file. (2) Replace placeholder chat IDs in the example or set TELEGRAM_CHAT_ID appropriately. (3) Be aware the hook will read workspace files (e.g., memory/*.md) and can send their info in messages. ...详细分析 ▾
✓ 用途与能力
The name/description (developing and debugging OpenClaw internal hooks) aligns with the instructions and included code: reading workspace files, injecting virtual bootstrap files, and calling the Telegram API are coherent capabilities for this purpose. No unrelated services or credentials are requested.
ℹ 指令范围
SKILL.md instructs the agent to read ~/.openclaw/openclaw.json, workspace files (e.g., ~/.openclaw/workspace/memory), and call api.telegram.org — all consistent with a notification/debugging hook. It does read/semi-parse a local config file to extract bot tokens (which are secrets), so users should expect the hook to access those local files. There are no instructions to exfiltrate data to unexpected endpoints.
✓ 安装机制
This is instruction-only (no install spec). The skill ships two example JS scripts but does not download or install remote code during install — lower installation risk.
ℹ 凭证需求
The skill does not declare required env vars, but its code reads the user's OpenClaw config file to extract botToken and may use TELEGRAM_CHAT_ID / OPENCLAW_CONFIG if set. Reading the OpenClaw config (which can contain tokens) is proportionate to sending Telegram notifications, but users should be aware that the hook will access local config files containing secrets.
✓ 持久化与权限
The skill does not request permanent/always-on privileges and is user-invocable. It documents placing hooks under ~/.openclaw/hooks and modifying ~/.openclaw/openclaw.json — actions expected for hook deployment; nothing in the package attempts to modify other skills or system-wide agent settings.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.22026/3/14
NULL
● 可疑
安装命令
点击复制官方npx clawhub@latest install openclaw-hook
镜像加速npx clawhub@latest install openclaw-hook --registry https://cn.longxiaskill.com