📦 Powershell Sandbox — 安全沙箱执行
v0.1.0在受限 PowerShell 环境中安全运行脚本,支持命令白名单、超时控制、输出限制与文件路径隔离,防止恶意操作。
0· 72·0 当前·0 累计
by 下载技能包
最后更新
2026/3/31
安全扫描
OpenClaw
可疑
high confidenceThe skill claims to provide a PowerShell sandbox but the actual sandbox implementation (src/sandbox.ps1) is missing and the shipped tests/documentation give a false sense of safety — don't trust it to enforce isolation until you can inspect the real sandbox code.
评估建议
Do not rely on this package to safely sandbox untrusted PowerShell code in its current form. The repository as provided does not include the core src/sandbox.ps1 implementation even though docs and package.json reference it. The test harness is superficial (it increments passes even when the sandbox script is missing and validates patterns rather than executing enforcement code), so the TEST_RESULTS.md is not strong proof of safety. Before installing or invoking: 1) obtain and review the actual ...详细分析 ▾
⚠ 用途与能力
SKILL.md and package.json claim a sandbox executable at src/sandbox.ps1 (package.json 'main' points to it and the docs show many runtime options), but the file manifest does not include src/sandbox.ps1 or any src/ implementation. That mismatch means the skill as provided cannot deliver the claimed sandbox capability and is therefore incoherent.
⚠ 指令范围
The instructions direct the agent to execute an external PowerShell script via exec (e.g., executing skills/powershell-sandbox/src/sandbox.ps1 against paths inside the agent workspace). If the referenced sandbox script is absent or unreviewed, the agent would instead execute whatever script exists at the provided ScriptPath (potentially arbitrary user scripts). The SKILL.md also relies on pre-execution scanning and enforcement, but those enforcement steps are only described in prose — no implementation is present to verify they actually run.
ℹ 安装机制
No install spec (instruction-only skill), which lowers install-supply-chain risk. However, because no sandbox implementation is shipped, the lack of install artifacts increases the danger of a false assurance (the docs promise enforcement that isn't present).
✓ 凭证需求
The skill requests no environment variables, no credentials, and no config paths. The declared environment access is proportionate to a local PowerShell sandbox. There are no unexplained secret or cloud credential requests.
✓ 持久化与权限
always is false and the skill is user-invocable; it does not request permanent system-wide privileges. However, because it instructs the agent to exec local PowerShell with user-provided scripts, the runtime privilege depends on how the agent is run (the skill itself doesn't request elevated persistence).
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.1.02026/3/31
Initial release of PowerShell sandbox for secure script execution: - Supports safe execution of user scripts with command whitelisting, .NET type restrictions, and pre-execution security scanning. - Provides timeout control (job-based), output limits, and file path isolation to prevent abuse. - Logs and audits all script executions, with clear exit codes for common error conditions. - Customizable whitelist, output, and timeout settings. - Includes test cases, usage instructions, and security recommendations.
● 可疑
安装命令
点击复制官方npx clawhub@latest install yuyonghao-powershell-sandbox
镜像加速npx clawhub@latest install yuyonghao-powershell-sandbox --registry https://cn.longxiaskill.com