OpenClaw: suspicious
VirusTotal: suspicious
StaticScan: unknown
OpenClaw: suspicious
The skill's code and requirements largely match an OTP challenger, but there are concerning elements (an optional failure hook that can run arbitrary shell commands, examples that encourage destructiv... [内容已截断]
VirusTotal: suspicious VT 报告
静态扫描: unknown
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1770874753744,
"_id": "k976ehcm4arbhfxk0wb6qg16p58118x7",
"changelog": "Version 1.0.6\n\n- Expanded required binaries and environment variable documentation in SKILL.md.\n- Added details for privileged features and OTP failure hooks.\n- Noted `qrencode` requirement for `generate-secret.sh`.\n- Improved clarity of configuration, environment variables, and installation sections.",
"changelogSource": "auto",
"createdAt": 1770874753744,
"parsed": {
"clawdis": {
"emoji": "🔐",
"homepage": "https:\/\/github.com\/ryancnelson\/otp-challenger",
"install": [
{
"bins": [
"jq"
],
"formula": "jq",
"id": "jq",
"kind": "brew",
"label": "Install jq via Homebrew"
},
{
"bins": [
"python3"
],
"formula": "python3",
"id": "python3",
"kind": "brew",
"label": "Install Python 3 via Homebrew"
},
{
"bins": [
"oathtool"
],
"formula": "oath-toolkit",
"id": "oathtool",
"kind": "brew",
"label": "Install OATH Toolkit via Homebrew"
}
],
"requires": {
"anyBins": [
"oathtool",
"node"
],
"bins": [
"jq",
"python3",
"curl",
"openssl",
"base64"
]
}
}
},
"version": "1.0.6"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "ryancnelson",
"handle": "ryancnelson",
"image": "https:\/\/avatars.githubusercontent.com\/u\/347171?v=4",
"kind": "user",
"linkedUserId": "kn75db75jbs5qk95dvgv0b5ce9808g39"
},
"ownerHandle": "ryancnelson",
"skill": {
"_creationTime": 1769900188599,
"_id": "kd7fca30kkv3jbzz45zqm9eqbs808a7g",
"badges": [],
"createdAt": 1769900188599,
"displayName": "Otp Challenger",
"latestVersionId": "k976ehcm4arbhfxk0wb6qg16p58118x7",
"ownerUserId": "kn75db75jbs5qk95dvgv0b5ce9808g39",
"slug": "otp-challenger",
"stats": {
"comments": 4,
"downloads": 2436,
"installsAllTime": 0,
"installsCurrent": 0,
"stars": 0,
"versions": 7
},
"summary": "Enable agents and skills to challenge users for fresh two-factor authentication proof (TOTP or YubiKey) before executing sensitive actions. Use this for identity verification in approval workflows - deploy commands, financial operations, data access, admin operations, and change control.",
"tags": {
"2fa": "k9719cdnhanwmktk0khzp97e4580avf7",
"latest": "k976ehcm4arbhfxk0wb6qg16p58118x7",
"otp": "k9719cdnhanwmktk0khzp97e4580avf7",
"security": "k9719cdnhanwmktk0khzp97e4580avf7",
"totp": "k9719cdnhanwmktk0khzp97e4580avf7"
},
"updatedAt": 1774321958494
}
}