OpenClaw: suspicious
The skill's files and instructions match a CodeQL audit tool, but the metadata omits required tooling and the scanner will run repository build commands (which can execute arbitrary code) without warn... [content truncated]
VirusTotal: benign
Static scan: clean
No suspicious patterns detected.
README not provided
No file information
{
"latestVersion": {
"_creationTime": 1773208768421,
"_id": "k970tp916v5dwxfbt7jw6w7nph82qenm",
"changelog": "Initial release of codeql-skill.\n\n- Introduces three independent modes: SCAN (static scanning & SARIF generation), AUDIT (SARIF triage & reporting), and TUNE (QL query optimization).\n- Scripts provided for each mode: `scan.sh` (repo scanning), `audit.py` (SARIF auditing), and `tune.py` (query tuning).\n- Supports multiple languages: Java, JavaScript, Python, and C++.\n- Includes user guidance for custom queries, audit limitations, and query tuning steps.",
"changelogSource": "user",
"createdAt": 1773208768421,
"version": "1.0.0"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "k2-l",
"handle": "k2-l",
"image": "https:\/\/avatars.githubusercontent.com\/u\/219258419?v=4",
"kind": "user",
"linkedUserId": "kn7e1sh4z9tr70bs5vbb799pts82n8wx"
},
"ownerHandle": "k2-l",
"skill": {
"_creationTime": 1773208768421,
"_id": "kd7fn5jdsjxtsj64s8tcmfb3w182pj4c",
"badges": [],
"createdAt": 1773208768421,
"displayName": "codeql-skill",
"latestVersionId": "k970tp916v5dwxfbt7jw6w7nph82qenm",
"ownerUserId": "kn7e1sh4z9tr70bs5vbb799pts82n8wx",
"slug": "codeql-skill",
"stats": {
"comments": 0,
"downloads": 166,
"installsAllTime": 1,
"installsCurrent": 0,
"stars": 0,
"versions": 1
},
"summary": "CodeQL security audit pipeline: static scanning, SARIF triage, and QL query optimization. Trigger on: CodeQL, .ql, .sarif, taint tracking, source→sink, LGTM,...",
"tags": {
"latest": "k970tp916v5dwxfbt7jw6w7nph82qenm"
},
"updatedAt": 1774331747804
}
}