Security scan
OpenClaw
Safe
high confidence
Assessment and recommendations
This skill is coherent with its stated purpose, but it can access or index local chat transcripts, home directories, and GitHub only when you explicitly enable those options. Before installing or running: 1) Keep remote-install disabled unless you trust the repository and set PROJECT_OS_ROOT to a local checkout. 2) Only set PROJECT_OS_INCLUDE_CHAT_ROOTS=1 or PROJECT_OS_ENABLE_GITHUB_SYNC=1 if you want those features and understand they will read local chat folders or use your GITHUB_TOKEN / gh C...
✓ Purpose and capabilities
Name/description (local-first, chat-first project manager) aligns with requested binaries and env vars: only python3 is required and the optional env flags control chat indexing, GitHub sync, home discovery, and remote install. The scripts are wrappers that expect a separate project-os repo (project_os package) and will refuse or require explicit opt-in before performing remote clone/install.
ℹ Instruction scope
SKILL.md directs the agent to run scripts/project_router.sh which in turn runs bootstrap/setup scripts and the project_os Python CLI. Those scripts will scan local roots and (if enabled) conversation roots and GitHub. By default chat indexing, home-discovery, GitHub sync, and remote install are disabled; enabling them is controlled by explicit environment variables (PROJECT_OS_INCLUDE_CHAT_ROOTS, PROJECT_OS_ENABLE_GITHUB_SYNC, PROJECT_OS_ENABLE_HOME_DISCOVERY, PROJECT_OS_AUTO_SETUP and PROJECT_OS_ALLOW_REMOTE_INSTALL).
✓ Install mechanism
No automated install spec in the registry; this is instruction+script based. Remote install is possible only when two opt-in flags are set and the repo URL matches a TRUSTED_REPO_URL; the remote clone uses a GitHub URL. There are no opaque downloads or URL shorteners in the codebase.
ℹ Credential requirements
The skill requests only PROJECT_OS_ROOT (or explicit remote-install opt-in) plus optional flags for chat/GitHub/home discovery. If you enable GitHub sync, the tooling will look for GITHUB_TOKEN or call the gh CLI; enabling chat indexing or home discovery allows scanning of local chat folders and user home subfolders. These env/credential needs are proportionate but enable access to potentially sensitive local data when turned on.
✓ Persistence and privileges
always is false and the skill does not request system-wide privileges. It creates data under $HOME/.project_os and may start a local dashboard (binds to PROJECT_OS_HOST:PROJECT_OS_PORT, default 127.0.0.1:8765). Daemonization is handled locally via daemonize_command.py. Nothing modifies other skills or global agent settings.
Security is layered; review the code before running.
Runtime dependencies
🖥️ OS: Linux · macOS · Windows
Version
latest v1.2.1 2026/2/23
● Suspicious
Install command
Official: npx clawhub@latest install project-os-organizer
Mirror (accelerated): npx clawhub@latest install project-os-organizer --registry https://cn.longxiaskill.com