风险评分

41/100 (Medium)

OpenClaw: suspicious
VirusTotal: suspicious
StaticScan: unknown

Openclaw Action

作者: AtlasPA
Slug:openclaw-action
版本:1.0.0
更新时间:2026-03-24 11:51:42
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要 
The action's stated behavior (local-only, auditable) conflicts with its runtime behavior: it fetches and executes scanner scripts from remote GitHub URLs at runtime, creating a supply-chain risk.

VirusTotal: suspicious VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1770891968038,
        "_id": "k973gwg3rwk29k9jt47tx8batx810xcm",
        "changelog": "Initial release of openclaw-action: automated security scanning GitHub Action.\n\n- Scans agent workspaces for exposed secrets, injection, and data exfiltration patterns on PRs and commits.\n- Detects API keys, tokens, credentials, prompt\/shell injections, and suspicious network calls using sentry, bastion, and egress scanners.\n- Provides configurable inputs for scan scope and failure conditions (`fail-on-findings`).\n- Outputs finding counts and critical issue flags for CI integration.\n- Action is alert-only—does not modify code or files.",
        "changelogSource": "auto",
        "createdAt": 1770891968038,
        "parsed": {
            "clawdis": {
                "emoji": "🛡️",
                "os": [
                    "darwin",
                    "linux",
                    "win32"
                ],
                "requires": {
                    "bins": [
                        "python3"
                    ]
                }
            }
        },
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "AtlasPA",
        "handle": "atlaspa",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/231540010?v=4",
        "kind": "user",
        "linkedUserId": "kn74bgzn68zbhdf3x58hj88ebs80hr3p"
    },
    "ownerHandle": "atlaspa",
    "skill": {
        "_creationTime": 1770891968038,
        "_id": "kd7eenn65x47jvx2f5cvthswc98118be",
        "badges": [],
        "createdAt": 1770891968038,
        "displayName": "Openclaw Action",
        "latestVersionId": "k973gwg3rwk29k9jt47tx8batx810xcm",
        "ownerUserId": "kn74bgzn68zbhdf3x58hj88ebs80hr3p",
        "slug": "openclaw-action",
        "stats": {
            "comments": 0,
            "downloads": 624,
            "installsAllTime": 2,
            "installsCurrent": 2,
            "stars": 0,
            "versions": 1
        },
        "summary": "GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt\/shell injection, and data exfiltration patterns in PRs and commits.",
        "tags": {
            "latest": "k973gwg3rwk29k9jt47tx8batx810xcm"
        },
        "updatedAt": 1774324302158
    }
}