Security scan
OpenClaw
Suspicious
Medium confidence: The skill's description promises runtime tools that access app logs, network payloads, screenshots and reloads, but the SKILL.md gives no concrete mechanism, endpoints, or authorization details for how the agent would actually reach those capabilities — that's a mismatch that could hide sensitive-data access or simply be non-functional.
Assessment recommendations
This skill claims powerful debugging access (logs, network bodies, screenshots, app control) but the instructions never say how the agent will connect to Radon's MCP server, what endpoint or auth to use, or what safeguards exist. Before installing or letting the agent use it: (1) Ask the author for the connector details — host/port, API schema, and auth mechanism — and only allow local-only endpoints (e.g., localhost) with explicit consent. (2) Confirm the Radon IDE extension source and license ...
⚠ Purpose and capabilities
The skill claims to be an MCP server exposing rich runtime tools for Radon IDE (logs, network bodies, screenshots, component tree, reloads). The SKILL.md lists prerequisites (Radon extension, license) but provides no host/URL, port, protocol, RPC schema, or client binding for contacting any MCP server. That gap makes the advertised capabilities incoherent with the provided artifacts — either the skill is incomplete (no connector) or it expects implicit local infrastructure that is not specified. Additionally, the described capabilities inherently grant access to potentially sensitive app data (network bodies, headers, screenshots) which should be explicitly justified and scoped.
⚠ Instruction scope
The runtime instructions direct use of tools that read and return build/runtime logs, full network request details (headers and bodies), and screenshots. These actions can expose secrets (API tokens, PII) from the developer environment or the app under test. The SKILL.md does not specify safeguards, consent flows, filtering, or limits on what data will be returned, nor does it describe how tool calls are made or authorized. It is vague about when and how the agent should call these tools, which grants broad discretion and could lead to over-collection of sensitive data.
✓ Installation mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be downloaded or written by the platform installer. That lowers supply-chain risk compared with skills that fetch binaries or archives.
ℹ Credential requirements
The skill declares no required environment variables or credentials, which is consistent with being an instruction-only descriptor. However, the described tools would access highly sensitive runtime artifacts (network request bodies, headers, logs, screenshots) if the underlying Radon IDE/MCP server is available. Because the SKILL.md does not require or describe any explicit authorization tokens or consent mechanics, it's unclear how access control to those sensitive artifacts is enforced — this mismatch should be clarified before trusting the skill.
✓ Persistence and permissions
The skill does not request always:true and does not include install-time persistence mechanisms. Autonomous invocation is allowed by default (disable-model-invocation: false), which is the platform's normal setting; there is no indication the skill modifies other skills or system-wide settings.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/2/20
Initial release of radon-ai skill for React Native development.
- Integrates Radon IDE's AI tools for enhanced React Native debugging and development workflows.
- Provides commands to query React Native library documentation and get detailed library descriptions.
- Enables interactive tools: reload application, view application logs, take screenshots, inspect component trees, and monitor network traffic.
- Offers daily-updated knowledge base for popular React Native libraries and APIs.
- Requires Radon IDE extension and license, and a running React Native or Expo project in VS Code or Cursor.
● Suspicious
Install command
Official: npx clawhub@latest install radon-ai
Mirror (accelerated): npx clawhub@latest install radon-ai --registry https://cn.longxiaskill.com