by 安全扫描
OpenClaw
可疑
medium confidenceNULL
评估建议
This skill is an instruction-only wrapper around an external npm CLI; it will cause 'npx -y @steipete/oracle' to fetch and run code and will bundle and send local files to a remote model (browser automation or API). Before using: (1) verify the npm package and its homepage/repo (ensure @steipete/oracle is the intended publisher), (2) prefer --dry-run and --files-report to preview exactly which files will be sent, (3) avoid attaching secrets or private keys and explicitly exclude dotfiles/.env, (...详细分析 ▾
ℹ 用途与能力
The name/description (wrap the @steipete/oracle CLI to bundle prompts+files for a second-model review) matches the instructions: the SKILL.md explains CLI commands and workflows. It legitimately needs to read files and send them to a model, so the core purpose is consistent.
⚠ 指令范围
The runtime instructions tell the agent/user to run 'npx -y @steipete/oracle' and to provide file globs (including excludes), reattach to stored browser sessions, and potentially upload/paste files to remote browser automation or API models. The doc explicitly references OPENAI_API_KEY and remote tokens and shows a local session directory (~/.oracle/sessions) — none of these env vars or config paths are declared in the skill metadata. Because the instructions will cause local files to be bundled and transmitted to external services, the absence of declared env/config requirements is a notable inconsistency.
ℹ 安装机制
There is no install spec in the skill bundle (instruction-only), which is low risk for the skill package itself. However, the instructions repeatedly call 'npx -y @steipete/oracle' which will download and execute code from npm at runtime; that runtime download is outside the skill metadata but is operationally significant and worth the user's attention.
⚠ 凭证需求
The skill metadata declares no required env vars, yet the SKILL.md references OPENAI_API_KEY (engine auto-pick), ORACLE_HOME_DIR override, and remote-token/--token for remote-host usage. These environment/config touches are relevant to the described functionality but should have been declared; the mismatch reduces transparency and could lead to accidental credential use or unexpected data flows.
ℹ 持久化与权限
always:false and user-invocable:true (defaults) are appropriate. The instructions say the CLI stores sessions under ~/.oracle/sessions (overrideable via ORACLE_HOME_DIR) — that local persistence is reasonable for the tool's workflow but is not declared in the skill metadata and may retain copies of bundled files/prompts, so users should be aware.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/1/5
● 可疑
安装命令
点击复制官方npx clawhub@latest install oracle
镜像加速npx clawhub@latest install oracle --registry https://cn.longxiaskill.com