OpenClaw: benign
VirusTotal: benign
StaticScan: unknown
OpenClaw: benign
The skill's code, instructions, and requirements are consistent with an offline static audit of GitHub Actions workflow YAML files and do not request unrelated credentials or perform network/exfiltrat... [内容已截断]
VirusTotal: benign VT 报告
静态扫描: unknown
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1772924873942,
"_id": "k972mft00vav3hc1nerzwc75hd82fn02",
"changelog": "Initial release with auditing features for GitHub Actions workflows:\n\n- Scans workflow YAML files for secret exposure risks.\n- Flags usage of secrets in pull_request_target, secret echo commands, and secrets passed to unpinned actions.\n- Detects hardcoded credentials in workflow config.\n- Supports both text and JSON output formats.\n- Configurable scoring, file matching, and CI fail gate for critical findings.",
"changelogSource": "auto",
"createdAt": 1772924873942,
"parsed": {
"clawdis": {
"requires": {
"bins": [
"bash",
"python3"
]
}
}
},
"version": "1.0.0"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "Daniel Lummis",
"handle": "daniellummis",
"image": "https:\/\/avatars.githubusercontent.com\/u\/65238171?v=4",
"kind": "user",
"linkedUserId": "kn74qp31gs45fmt9eg7jbc4r6n828jdj"
},
"ownerHandle": "daniellummis",
"skill": {
"_creationTime": 1772924873942,
"_id": "kd722hm7gv35wvch13a931v8h182fphf",
"badges": [],
"createdAt": 1772924873942,
"displayName": "GitHub Actions Secret Exposure Audit",
"latestVersionId": "k972mft00vav3hc1nerzwc75hd82fn02",
"ownerUserId": "kn74qp31gs45fmt9eg7jbc4r6n828jdj",
"slug": "github-actions-secret-exposure-audit",
"stats": {
"comments": 0,
"downloads": 167,
"installsAllTime": 1,
"installsCurrent": 1,
"stars": 0,
"versions": 1
},
"summary": "Audit GitHub Actions workflow files for secret exposure risks like pull_request_target secret usage, secret echo commands, and unpinned action secret passing.",
"tags": {
"latest": "k972mft00vav3hc1nerzwc75hd82fn02"
},
"updatedAt": 1772924883584
}
}