Security scan
OpenClaw
Safe
high confidence
Assessment and recommendations
This skill appears to do what it claims: upload files to wenshushu using the wssf CLI. Before installing or invoking it, consider: (1) do not provide sensitive system paths (e.g., ~/.ssh, /etc/*, credential files) — the skill will happily upload arbitrary files; (2) if you enable 'login' flows, a token is stored at ~/.config/wenshushu/token.txt — treat that token like a secret; (3) install.sh runs a remote installer (astral.sh) and will run pip install wssf — review these steps or run them manua...
✓ Purpose and capability
Name/description, included scripts, and SKILL.md all describe a file uploader for wenshushu. Declared dependencies (wssf, uv) and included install.sh / upload.py are consistent with that purpose; nothing requested appears unrelated to uploading files to wenshushu.
ℹ Instruction scope
Runtime instructions tell the agent to check file existence, call the wssf CLI, and optionally save upload records. This is coherent, but the skill will accept arbitrary filesystem paths and upload them to an external service — which is expected for an uploader but enables accidental or malicious exfiltration if the agent is given sensitive paths (e.g., SSH keys, tokens). The SKILL.md also instructs users how to extract an X-TOKEN from browser devtools and store it locally for logged uploads; that flow is optional but sensitive.
✓ Install mechanism
No opaque downloads from unknown hosts in the package files. The automation uses a known uv installer (curl https://astral.sh/uv/install.sh) and pip install wssf==5.0.6 (PyPI). These are typical for Python tooling; running a remote installer (curl | sh) is moderately risky operationally but expected for installing uv.
ℹ Credential requirements
The skill does not declare unrelated environment variables or credentials. It may read/write a local token at ~/.config/wenshushu/token.txt and write upload records to ~/.openclaw/memory/wenshushu-uploads.jsonl — reasonable for its function. However, because it accepts arbitrary file paths, it can be used to transmit any local file to the remote service; treat that as a sensitive capability (not a hidden one).
✓ Persistence and privileges
always is false and the skill does not request elevated platform privilege. It persists its own configuration/token and upload logs under user-scoped config paths (~/.config and ~/.openclaw) which is proportionate to functionality and does not appear to modify other skills or system-wide settings.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v0.1.1 2026/3/16
● Suspicious
Install command
Official: npx clawhub@latest install wenshushu-uploader
Mirror: npx clawhub@latest install wenshushu-uploader --registry https://cn.longxiaskill.com