风险评分

55/100 (Medium)

OpenClaw: suspicious
VirusTotal: benign
StaticScan: suspicious

Eason Skill Vetting

作者: eathon
Slug:eason-skill-vetting
版本:1.0.0
更新时间:2026-03-24 13:59:47
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
This is a coherent vetting tool (scanner + guidance) but there are notable inconsistencies (metadata mismatch) and prompt-injection indicators in SKILL.md that justify caution before trusting or insta...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: suspicious 

Detected: suspicious.dynamic_code_execution, suspicious.prompt_injection_instructions
README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1773238807467,
        "_id": "k97adr3ce9b5g9724dt1he4r8h82qfp1",
        "changelog": "Skill-vetting 1.0.0 introduces a comprehensive, step-by-step workflow for securely evaluating ClawHub skills.\n\n- Provides detailed instructions for downloading, automated scanning, and manual security review of ClawHub skills.\n- Emphasizes AI prompt injection risks, offering strict, immutable rules against trusting or acting on in-file guidance.\n- Includes practical heuristic checks and red flag lists for identifying malicious or deceptive code.\n- Outlines a utility assessment to gauge whether a new skill adds unique value over existing tools.\n- Supplies guidance on post-installation monitoring and explains the limitations and possible bypasses of the included regex-based scanner.",
        "changelogSource": "auto",
        "createdAt": 1773238807467,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "eathon",
        "handle": "eathon",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/10878086?v=4",
        "kind": "user",
        "linkedUserId": "kn711mamdn1sc00pbr2hymj5n182ndsh"
    },
    "ownerHandle": "eathon",
    "skill": {
        "_creationTime": 1773238807467,
        "_id": "kd7aywwjkqgm2ssn9esckjwpq582pms1",
        "badges": [],
        "canonicalSkillId": "kd7dncs3f43mj6q970k1f287ah80c55b",
        "createdAt": 1773238807467,
        "displayName": "Eason Skill Vetting",
        "forkOf": {
            "at": 1773238807467,
            "kind": "fork",
            "skillId": "kd7dncs3f43mj6q970k1f287ah80c55b",
            "version": "1.1.0"
        },
        "latestVersionId": "k97adr3ce9b5g9724dt1he4r8h82qfp1",
        "ownerUserId": "kn711mamdn1sc00pbr2hymj5n182ndsh",
        "slug": "eason-skill-vetting",
        "stats": {
            "comments": 0,
            "downloads": 187,
            "installsAllTime": 2,
            "installsCurrent": 2,
            "stars": 0,
            "versions": 1
        },
        "summary": "Vet ClawHub skills for security and utility before installation. Use when considering installing a ClawHub skill, evaluating third-party code, or assessing w...",
        "tags": {
            "latest": "k97adr3ce9b5g9724dt1he4r8h82qfp1"
        },
        "updatedAt": 1774331987731
    }
}