by 安全扫描
OpenClaw
可疑
medium confidenceThe skill's instructions generally match its stated purpose (running a red-team runner), but there are small inconsistencies and operational risks — notably an undocumented need for Node tooling, a global npm install instruction, and vague handling of 'signed receipts' — that warrant caution before installing or running it.
评估建议
This skill appears to do what it says (run red-team checks against protect-mcp policies) but exercise caution: 1) The SKILL.md tells you to run a global 'npm install -g' — that will download and execute code from npm, so only proceed if you trust the @scopeblind and protect-mcp packages and their maintainers. 2) Verify you have Node/npm/npx installed (the registry metadata omitted this requirement). 3) Ask or inspect how 'signed receipts' are produced and where badges are sent — if signing requi...详细分析 ▾
ℹ 用途与能力
The skill claims to run attack suites against protect-mcp policies and the SKILL.md instructs use of @scopeblind/red-team and protect-mcp npm packages, which is coherent with the stated purpose. However the registry-level metadata provided to you earlier lists no required binaries while the SKILL.md declares 'npx' is required — this metadata mismatch is unexplained.
ℹ 指令范围
Runtime instructions are concise and stay on-task (examples show npx scopeblind-red-team --policy ...). They also include an 'install' line telling the user to run a global npm install. The SKILL.md mentions producing 'signed receipts and badges' but does not explain how signing keys are obtained or where badges/receipts are uploaded, which is vague and could lead to unexpected requests or network activity.
ℹ 安装机制
There is no platform install spec, but the skill's instructions tell users to run 'npm install -g @scopeblind/red-team@latest protect-mcp@latest'. Installing packages from the public npm registry is a common choice for this tooling but carries the normal risks of executing third‑party package code and modifying the system (global install). This is expected for the stated purpose but requires trusting the npm packages and their maintainers.
⚠ 凭证需求
The SKILL.md declares no required environment variables, yet it promises 'signed receipts' without explaining key management; that suggests missing credential requirements or unclear behavior. Also the earlier provided registry summary omitted the SKILL.md's declared dependency on 'npx' (and implicitly Node/npm), which is an unexplained discrepancy that could cause surprises at runtime.
✓ 持久化与权限
The skill is not marked always:true, it is user-invocable, and there is no indication it attempts to persistently modify other skills or global agent configuration. The only persistence-related action in instructions is a recommended global npm install, which is local system modification but not an agent privilege escalation.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install scopeblind-red-team
镜像加速npx clawhub@latest install scopeblind-red-team --registry https://cn.longxiaskill.com