📦 Skill Security Scanner — Security Scan Scoring
v4.4.1 One-click scanning of JS/TS/Python/Shell files in ClawHub, GitHub and local Skills; automatically finds data exfiltration, injection, obfuscation, trojans and other security risks and produces a risk score.
0 · 245 · 0 current · 0 cumulative
Last updated
2026/4/20
Security scan
OpenClaw
Suspicious
Medium confidence. The skill mostly matches its stated purpose (a static security scanner) but contains implementation inconsistencies and some unclear behavior around supported languages and remote-URL handling that you should review before running it on sensitive systems.
Assessment recommendations
What to consider before installing or running this skill:
- Purpose vs implementation: The skill's description and SKILL.md claim multi-language scanning and remote-URL support, but the Node scanner only walks .js files. Confirm which script is actually used in your environment (the shell scripts appear to implement more checks). If you rely on .py or .sh scanning, verify that the scanner actually inspects those files.
- Remote targets: SKILL.md shows commands that accept GitHub/ClawHub URLs. Befor...
⚠ Purpose and capabilities
The SKILL.md and scripts claim multi-language support (.js, .ts, .py, .sh) and remote ClawHub/GitHub scanning. The shipped Bash scripts implement many language checks, but the Node SecurityDetector (node/scanner.js) only recursively scans .js files, and index.js simply invokes scripts/scan.sh via execSync. Neither the mismatch between the Node code (which scans only .js) and the broader coverage the other scripts claim, nor the advertised ability to scan remote URLs, is fully substantiated by the visible code.
ℹ Instruction scope
The SKILL.md explicitly instructs the agent to run scripts/scan.sh and not to proceed to LLM analysis without user confirmation; that flow is clear and reduces some risk. The instructions ask the agent to scan local skill directories (e.g., ~/.openclaw/workspace/skills) and optionally to perform semantic LLM analysis using prompts derived from the scan output. The agent will read many files under the target path (expected), but the README claims remote scanning of URLs, and the provided scripts, as shown, do not clearly include safe, explicit remote-fetch handling (clone/download) in the visible portions, so behavior on URL inputs is ambiguous.
✓ Installation mechanism
There is no install spec (instruction-only from the registry standpoint). The package includes shell scripts and Node code; nothing in the manifest downloads external code during install. Running the provided scripts writes nothing to system paths; their output is limited to transient console output. The risk comes from executing the included scripts (they run locally), not from an external installer URL.
✓ Credential requirements
The skill declares no required env vars or credentials. The scanner contains detection rules that look for patterns such as process.env.AWS_ / AZURE_ etc.; this is expected for a scanner (it flags code that references credentials) and does not itself require those secrets.
✓ Persistence and permissions
always:false is set, and no special persistence or system-wide modifications are requested. The skill reads files in skill directories (its stated purpose) and does not request to modify other skills or global agent configuration.
⚠ index.js:8
Shell command execution detected (child_process).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Versions
latest v4.4.1 2026/3/18
v4.4.1: Refactored the LLM prompt: six-dimension evaluation framework (data transparency / permission boundaries / behavioral transparency / supply-chain risk / user control / cost disclosure) + an out-of-bounds-behavior column + additional judgment criteria
● Harmless
Install command
Official: npx clawhub@latest install skill-sec-scan
Mirror (accelerated): npx clawhub@latest install skill-sec-scan --registry https://cn.longxiaskill.com