by 安全扫描
OpenClaw
可疑
medium confidenceNULL
评估建议
This skill describes a powerful system that can cause remote proposals to change local agent code — but the package gives you only instructions and an external API URL, not the CLI or server code. Before using it: 1) Verify the repository and the API host (check the linked GitHub repo and confirm releases/tags); 2) Do not run or import any CLI or server binary you haven't inspected — obtain code from the official repo and review it; 3) Treat any private Ed25519 keys and backup passwords as highl...详细分析 ▾
⚠ 用途与能力
The skill claims a production-ready governance system with a CLI, REST API, and autonomous code execution, yet the package is instruction-only: no CLI, no server code, and no install instructions are included. The listed dependencies (Python, FastAPI, upstash-redis, cryptography) and repository link suggest substantial backend components that are not provided here, which is inconsistent.
⚠ 指令范围
SKILL.md instructs agents to onboard, sign actions with local Ed25519 keys, submit proposals containing code diffs, and rely on the swarm to 'execute approved changes automatically'. It directs network interaction with an external API (the-hive-o6y8.onrender.com) and operations that could modify codebases. The document lacks concrete, auditable safety checks or limits on what 'autonomous execution' can change, giving broad discretion to remote decisions.
ℹ 安装机制
No install spec or code files are provided (instruction-only), which reduces direct file-write risk. However, SKILL.md presumes a local 'python cli.py' and a remote service; the absence of provenance or packaged CLI means you'd need to fetch/run external code to use the system — a non-trivial action not covered here.
ℹ 凭证需求
The skill declares no required env vars or credentials, but it requires local Ed25519 private keys and backups encrypted by user-chosen passwords. Handling private keys and restoring encrypted backups is inherently sensitive; the skill gives no guidance for secure key storage or forbids uploading private keys to the remote API, leaving potential for user error or exfiltration if users follow unclear instructions.
✓ 持久化与权限
The skill is not forced-always and does not request persistent platform privileges. Autonomous model invocation is allowed by default but not combined with 'always:true'. The main privilege risk is functional: the Hive's claimed ability to apply code diffs to agents (if you run its CLI or accept its actions) rather than the skill's installation metadata.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/6
NULL
● 可疑
安装命令
点击复制官方npx clawhub@latest install the-hive-swarm-governance
镜像加速npx clawhub@latest install the-hive-swarm-governance --registry https://cn.longxiaskill.com