Security Scan
OpenClaw
Safe
high confidence
Assessment and recommendations
This skill appears to do exactly what it claims: run Snyk scans, create GitHub issues, and open auto-fix PRs. Before using it: (1) ensure you have the Snyk CLI and GitHub CLI installed and authenticated locally (gh auth, snyk auth); (2) run with dry-run first to inspect what changes would be made; (3) note the scripts clone and push branches—only use with repos you trust and where the auth tokens have minimal necessary scope (repo write only); (4) review the included scripts for any policy you w...
✓ Purpose and capabilities
Name/description match the included scripts: scanning with Snyk, creating issues via gh, and creating PRs after applying fixes. The files and runtime requirements are proportional and expected for this functionality.
✓ Instruction scope
SKILL.md and the scripts limit actions to cloning the target repo, running snyk, creating GitHub issues, and creating/pushing a fix branch/PR. The scripts reference only expected CLIs (git, snyk, gh, jq, python3) and temporary paths; they do not read unrelated system files or post data to unknown endpoints.
✓ Install mechanism
No install spec is provided (instruction-only install), and the code files are standard scripts. Nothing is downloaded from arbitrary URLs or written into unusual system locations.
ℹ Credential requirements
The skill does not declare environment variables but requires local CLI authentication for Snyk and GitHub and expects git credentials / repo write access. This is coherent with the purpose, but users must supply and manage credentials (gh auth, snyk auth, or git remote credentials) outside the skill; ensure those credentials have appropriate scopes.
✓ Persistence and privileges
The skill does not request always: true and does not modify other skills or system-wide agent settings. It will create branches/PRs and push to origin (requires repository write access), which is expected behavior for auto-fix functionality.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/27
● Benign
Install command
Official: npx clawhub@latest install snyk-vulnerability-scanner
Mirror: npx clawhub@latest install snyk-vulnerability-scanner --registry https://cn.longxiaskill.com