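📦 Powershell Sandbox — Secure Script Sandbox
v0.1.0
Safely executes scripts in a restricted PowerShell environment, with support for command whitelisting, timeout control, output limits, file isolation, and pre-execution security checks, to prevent malicious code from damaging the system.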
Last updated: 2026/3/26
Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendation
Do not install or run this skill as-is. Before trusting it: (1) ask the publisher/source for the actual sandbox implementation (src/sandbox.ps1) and confirm it is present; (2) review the sandbox.ps1 code to verify command/.NET-type filtering, file-path isolation, and job-based termination are implemented securely and cannot be trivially bypassed; (3) verify runtime requirements (PowerShell version, OS) and that your agent environment meets them; (4) test the implementation in an isolated VM with...
⚠ Purpose and capability
SKILL.md and package.json describe and document a runnable PowerShell sandbox (src/sandbox.ps1, tests, etc.) but the package contains no code files—only documentation. The skill also claims to target PowerShell 5.1+/7+ yet the metadata declares no required binaries or OS restriction. An agent would need PowerShell installed to fulfill the stated purpose; the absence of declared runtime requirements and the missing sandbox implementation are incoherent with the described capability.
ℹ Instruction scope
The instructions describe scanning script contents, enforcing command and .NET-type whitelists, running scripts as PowerShell jobs, enforcing timeouts, truncating output, and writing audit logs to a local path. These runtime actions are broadly consistent with the stated goal. However, the doc-level instructions direct the agent to exec a local sandbox script (path shown) that does not exist in the package; the pre-execution scanning approach described could be bypassed by obfuscation or dynamic code constructs (IEX is explicitly forbidden, but other vectors exist). The doc also instructs writing audit logs to '.learnings/sandbox-log.md' (writing to disk) which is reasonable for auditing but should be validated.
ℹ Install mechanism
There is no install spec (instruction-only), which minimizes install-time risk. However, package.json declares 'main': 'src/sandbox.ps1' and tests, yet those files are absent from the package. This discrepancy is suspicious: the package claims a runnable entrypoint and passing tests but provides only documentation.
✓ Credential requirements
The skill requests no environment variables or credentials, which is proportionate for a local sandbox. One caution: the skill exposes an '-AllowNetwork' option that, if used, permits network access; enabling it increases risk and should be avoided unless absolutely necessary and validated. The documentation's recommended behaviors (no external interfaces, use sandbox for untrusted code) align with the lack of credentials.
✓ Persistence and privileges
The skill does not request persistent or system-wide privileges; flags show always:false and normal model invocation behavior. It does recommend creating local audit logs but does not claim to modify other skills or system configs. No elevated privileges are requested in metadata.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Versions
latest v0.1.0 2026/3/26
● Suspicious
Install command
Official: npx clawhub@latest install powershell-sandbox
Mirror: npx clawhub@latest install powershell-sandbox --registry https://cn.longxiaskill.com