Security scan
OpenClaw
Suspicious
Medium confidence: The skill's code and runtime instructions do what the description says (scan Gitea repos, render/save briefs, update status, log, and return email payloads), but the package metadata incorrectly declares no required environment variables while the code clearly requires sensitive Gitea credentials and other config, an inconsistency you should resolve before installing.
Assessment recommendations
Key points before installing or enabling this skill:
- Metadata vs code mismatch: the package metadata claims no required env vars, but setup.sh and the Python scripts require GITEA_BASE_URL, GITEA_TOKEN_BOT, AIFUSION_META_REPO and GITEA_ROUTINE_REPORT_PATH. Do not proceed until the publisher clarifies this mismatch.
- Credential scope: the GITEA_TOKEN_BOT grants broad read/write access to any repository the token can see (listing repos, reading files, creating/updating files and meta logs). O...
⚠ Purpose and capabilities
The skill's stated purpose (cron-driven pre-briefs using Gitea data) matches the actual code and SKILL.md: scan.py enumerates repos and meetings, commit_brief.py writes files and updates meta.yaml, and gitea_utils.py talks to the Gitea API. However the registry metadata claims 'Required env vars: none' while the code and setup require GITEA_BASE_URL, GITEA_TOKEN_BOT, AIFUSION_META_REPO and GITEA_ROUTINE_REPORT_PATH. That metadata mismatch is a meaningful incoherence—someone publishing this skill should declare the required credentials and scopes.
ℹ Instruction scope
SKILL.md restricts behavior to scanning managed Gitea repos, producing AI JSON (OpenClaw does the AI part), rendering HTML with gitea-routine-report, committing artifacts, updating status, and returning email parameters. The runtime scripts do exactly that. Important runtime actions to be aware of: the scanner enumerates all repos accessible to the bot token (/api/v1/repos/search), fetches repository contents and user emails, writes files into meeting directories, and appends logs into the meta repo. These actions are within the intended scope but do involve broad read/write access to any repo the bot token can access.
ℹ Installation mechanism
There is no packaged installer, but a setup.sh is provided which runs pip install -r requirements.txt (with --break-system-packages). This will install Python packages from PyPI on the host. No remote arbitrary downloads beyond pip are used and included scripts are local. The --break-system-packages flag may alter system Python behavior on some distributions; review before running.
⚠ Credential requirements
The code requires GITEA_BASE_URL, GITEA_TOKEN_BOT, AIFUSION_META_REPO and GITEA_ROUTINE_REPORT_PATH (see env-example.txt and setup.sh). Those variables are necessary for the stated behavior, but the Gitea token is sensitive because the skill enumerates and may modify many repositories (create/update files and meta logs). The registry metadata's omission of these env vars is misleading. Also note env-example lists a numeric IP (http://43.156.243.152:3000) — ensure you trust the configured Gitea instance before supplying credentials.
✓ Persistence and permissions
The skill is not force-included (always: false) and does not request system-wide persistent privileges. It will write to Gitea repositories and a meta repo (intended behavior). Autonomous invocation is allowed (platform default) but that alone is not flagged; combine with the credential sensitivity noted above when deciding risk.
⚠ main.js:30
Shell command execution detected (child_process).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Install commands
Official: npx clawhub@latest install skill-b-pre-brief
Mirror (accelerated): npx clawhub@latest install skill-b-pre-brief --registry https://cn.longxiaskill.com