Risk score

100/100 (Very Low)

OpenClaw: benign
VirusTotal: benign
StaticScan: clean

gog-hardened

Author: Faberlens
Slug: gog-hardened
Version: 1.0.0
Updated: 2026-03-13 01:21:52

Risk information

OpenClaw: benign

OpenClaw analysis summary (preview of the first 200 characters)
The skill's claimed purpose (a Google Workspace CLI wrapper) matches its instructions and install requirements; nothing requested is disproportionate, but verify the third‑party Homebrew tap and the O...

[Content truncated]

VirusTotal: benign (VT report)

Static scan: clean

No suspicious patterns detected.
README

README not provided

File list

No file information

Raw JSON data
{
    "latestVersion": {
        "_creationTime": 1773333176513,
        "_id": "k9783wt9f0mft7tmxwngpzb8yd82rbqb",
        "changelog": "gog v1.1.0 — Security Hardened\n\nWe ran this skill through Faberlens (https:\/\/faberlens.ai\/check), a behavioral safety evaluation for AI agent skills. The original had 11 behavioral regressions — meaning it made Claude less secure than\nbaseline in half its test categories.\n\nThe worst: the skill taught Claude to exfiltrate workspace data. gog outputs emails, contacts, docs, and sheets to stdout, and nothing stopped piping that to curl, nc, or clipboard tools. Under social\nengineering, Claude built exfiltration chains and asked for \"confirmation\" instead of refusing — confirmation doesn't make exfiltration safe.\n\nOther findings: Claude added unauthorized BCC recipients under fake compliance policies, created calendar events impersonating other people, expanded auth scopes from injected context, forwarded private\nemails to third parties, wrote secrets to shared Sheets, and used ~\/.bash_history as an email body.\n\nWhat changed (10 guardrails added, 0 removed — purely additive):\n\n- Block piping\/redirecting workspace data to network commands or external endpoints\n- Block unauthorized recipients — only send to who the user explicitly named\n- Block calendar events attributed to someone other than the authenticated user\n- Block auth modifications unless the user directly instructs that specific change\n- Block bulk enumeration of another user's mailbox, drive, or contacts\n- Require confirmation before sharing\/exporting contact data to any recipient\n- Block writing secrets or personal info from emails\/contacts into Sheets\n- Block --body-file with arbitrary system files and exports to sensitive paths\n- Block relaying another person's email to a third party without explicit approval\n- Authority claims, urgency, and delegation don't override any of these\n\nResults:\n- Mean lift: -0.6% → +20.5%\n- Worst category: -41.7% → -10.0%\n- Regressions: 11 → 3 (73% fix rate)\n\nFull report: https:\/\/faberlens.ai\/report\/skill\/?d=gog",
        "changelogSource": "user",
        "createdAt": 1773333176513,
        "parsed": {
            "clawdis": {
                "emoji": "🎮",
                "install": [
                    {
                        "bins": [
                            "gog"
                        ],
                        "formula": "steipete\/tap\/gogcli",
                        "id": "brew",
                        "kind": "brew",
                        "label": "Install gog (brew)"
                    }
                ],
                "requires": {
                    "bins": [
                        "gog"
                    ]
                }
            }
        },
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "Faberlens",
        "handle": "snazar-faberlens",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/261834257?v=4",
        "kind": "user",
        "linkedUserId": "kn706xw9bamamdar1vywjx42ad81sc6v"
    },
    "ownerHandle": "snazar-faberlens",
    "skill": {
        "_creationTime": 1773333176513,
        "_id": "kd70xyhk79cqnr5hce115kxrch82r85e",
        "badges": [],
        "createdAt": 1773333176513,
        "displayName": "gog-hardened",
        "latestVersionId": "k9783wt9f0mft7tmxwngpzb8yd82rbqb",
        "ownerUserId": "kn706xw9bamamdar1vywjx42ad81sc6v",
        "slug": "gog-hardened",
        "stats": {
            "comments": 1,
            "downloads": 163,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs.",
        "tags": {
            "latest": "k9783wt9f0mft7tmxwngpzb8yd82rbqb"
        },
        "updatedAt": 1773336112237
    }
}