OpenClaw: suspicious
VirusTotal: benign
StaticScan: unknown
OpenClaw: suspicious
The skill's instructions appear to match a legitimate security feed (requires an API key, produces block/approve/log rules, and updates a local SHIELD.md), but there are important mismatches between t... [内容已截断]
VirusTotal: benign VT 报告
静态扫描: unknown
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1770782866484,
"_id": "k97bnxbyfhrxvp1pkmeak3gwds80zhgz",
"changelog": "MoltThreats 0.6.3 changelog\n\n- Enforced strict user consent: New `user_triggered` invocation policy, with `disable_model_invocation: true` and `autonomous_actions: none` — no silent, background, or autonomous usage allowed.\n- Improved credential protection: Clarified that `PROMPTINTEL_API_KEY` must only be sent to the official API domain, never hardcoded, and solely via the proper header.\n- Added explicit requirements and invocation\/consent policy tables for transparency on operational and security guarantees.\n- Documented that first use of `block` rules or report submissions always require explicit user approval; regular feed syncs may run only after initial consent.\n- Minor specification and formatting changes for clarity and easier compliance.",
"changelogSource": "user",
"createdAt": 1770782866484,
"version": "0.6.3"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "fr0gger",
"handle": "fr0gger",
"image": "https:\/\/avatars.githubusercontent.com\/u\/6546250?v=4",
"kind": "user",
"linkedUserId": "kn75az15fy8x5z287ejafkr8ah80e3w3"
},
"ownerHandle": "fr0gger",
"skill": {
"_creationTime": 1770090079915,
"_id": "kd7eqf8qnxtmbhmtsc31675ew580enrq",
"badges": [],
"createdAt": 1770090079915,
"displayName": "MoltThreats",
"latestVersionId": "k97bnxbyfhrxvp1pkmeak3gwds80zhgz",
"ownerUserId": "kn75az15fy8x5z287ejafkr8ah80e3w3",
"slug": "moltthreats",
"stats": {
"comments": 0,
"downloads": 2437,
"installsAllTime": 8,
"installsCurrent": 8,
"stars": 3,
"versions": 8
},
"summary": "Agent-native security signal feed by PromptIntel. Use this skill whenever the agent needs to report threats, fetch protection feeds, apply security rules, or update SHIELD.md. Trigger on any mention of: threat reporting, security feed, MCP threats, malicious skills, prompt injection reports, IOCs, indicators of compromise, agent security, PromptIntel, MoltThreats, SHIELD.md, or SHIELD.md updates. Also trigger when the agent detects suspicious behavior during normal operation (unexpected tool calls, credential access attempts, unknown MCP servers, exfiltration patterns).",
"tags": {
"latest": "k97bnxbyfhrxvp1pkmeak3gwds80zhgz",
"latest v0.1.0": "k971fcbn3dd79k78hnv26rcx8x80f11k"
},
"updatedAt": 1772248987501
}
}