风险评分

76/100 (Low)

OpenClaw: benign
VirusTotal: suspicious
StaticScan: unknown

Insecure Defaults Detection

作者: atlas-secint
Slug:insecure-defaults
版本:1.0.0
更新时间:2026-03-24 11:08:28
风险信息

OpenClaw: benign

查看 OpenClaw 分析摘要 
The skill's requirements and instructions are coherent with its stated purpose (searching code/config for insecure defaults); it is instruction-only, requests no credentials, and has no install steps.

VirusTotal: suspicious VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1769636778868,
        "_id": "k970w0ctyptgd9hxgcw0q00q858024tf",
        "changelog": "Initial release of insecure-defaults.\n\n- Detects fail-open insecure defaults including hardcoded secrets, weak authentication, and permissive security configurations in production-reachable code.\n- Helps with audits, code reviews, and configuration management by focusing on environment variable handling and insecure defaults.\n- Clearly distinguishes between fail-open (critical) and fail-secure (safe) patterns.\n- Provides search guidance and verification workflow, including example patterns and report template.\n- Includes a thorough checklist of common insecure defaults and guidance on when findings are relevant.",
        "changelogSource": "auto",
        "createdAt": 1769636778868,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "atlas-secint",
        "handle": "atlas-secint",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/239678626?v=4",
        "kind": "user",
        "linkedUserId": "kn779ge6mdmb8y92cvy24g561h7z3xpn"
    },
    "ownerHandle": "atlas-secint",
    "skill": {
        "_creationTime": 1769636778868,
        "_id": "kd7ad2x9djq9q853hnd4nas58h802m8h",
        "badges": [],
        "createdAt": 1769636778868,
        "displayName": "Insecure Defaults Detection",
        "latestVersionId": "k970w0ctyptgd9hxgcw0q00q858024tf",
        "ownerUserId": "kn779ge6mdmb8y92cvy24g561h7z3xpn",
        "slug": "insecure-defaults",
        "stats": {
            "comments": 0,
            "downloads": 2087,
            "installsAllTime": 7,
            "installsCurrent": 7,
            "stars": 0,
            "versions": 1
        },
        "summary": "Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.",
        "tags": {
            "audit": "k970w0ctyptgd9hxgcw0q00q858024tf",
            "latest": "k970w0ctyptgd9hxgcw0q00q858024tf",
            "security": "k970w0ctyptgd9hxgcw0q00q858024tf",
            "trailofbits": "k970w0ctyptgd9hxgcw0q00q858024tf"
        },
        "updatedAt": 1774321708976
    }
}