风险评分

94/100 (Very Low)

OpenClaw: benign
VirusTotal: benign
StaticScan: unknown

GitHub Actions Cache Hardening Audit

作者: Daniel Lummis
Slug:github-actions-cache-hardening-audit
版本:1.0.0
更新时间:2026-03-08 10:08:04
风险信息

OpenClaw: benign

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's code and runtime instructions are consistent with its stated purpose (statically auditing GitHub Actions workflow cache usage) and do not request unrelated credentials, network access, or ...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1772935613370,
        "_id": "k9775se5vz9haam9jazwpjzj2982grde",
        "changelog": "Initial release of github-actions-cache-hardening-audit.\n\n- Audits GitHub Actions workflow cache usage for risks like cache poisoning, improper keying, and secret-path exposure.\n- Checks for insecure usage patterns, including untrusted triggers, weak cache keys, dangerous restore-keys, and sensitive paths.\n- Supports customizable input options for file selection, output format (text or JSON), and risk thresholds.\n- Can be configured to fail CI on detection of critical cache risks.\n- Provides clear summary reports for flagged and critical workflows.",
        "changelogSource": "auto",
        "createdAt": 1772935613370,
        "parsed": {
            "clawdis": {
                "requires": {
                    "bins": [
                        "bash",
                        "python3"
                    ]
                }
            }
        },
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "Daniel Lummis",
        "handle": "daniellummis",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/65238171?v=4",
        "kind": "user",
        "linkedUserId": "kn74qp31gs45fmt9eg7jbc4r6n828jdj"
    },
    "ownerHandle": "daniellummis",
    "skill": {
        "_creationTime": 1772935613370,
        "_id": "kd76d6byq4nb67g7yf4xegpmwn82g9zt",
        "badges": [],
        "createdAt": 1772935613370,
        "displayName": "GitHub Actions Cache Hardening Audit",
        "latestVersionId": "k9775se5vz9haam9jazwpjzj2982grde",
        "ownerUserId": "kn74qp31gs45fmt9eg7jbc4r6n828jdj",
        "slug": "github-actions-cache-hardening-audit",
        "stats": {
            "comments": 0,
            "downloads": 157,
            "installsAllTime": 1,
            "installsCurrent": 1,
            "stars": 0,
            "versions": 1
        },
        "summary": "Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks.",
        "tags": {
            "latest": "k9775se5vz9haam9jazwpjzj2982grde"
        },
        "updatedAt": 1772935684440
    }
}