风险评分

37/100 (High)

OpenClaw: suspicious
VirusTotal: suspicious
StaticScan: suspicious

References

作者: 13256659129
Slug:references
版本:1.0.0
更新时间:2026-03-23 08:56:48
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要 
技能总体功能(本地安全审计并生成/发送报告)与其代码匹配,但存在元数据不一致、未声明的外部发送点(硬编码 webhook / 可配置的 webhook/plugin)以及对环境变量和本地配置的未声明依赖,建议在信任前人工审查发送端点和配置文件。

VirusTotal: suspicious VT 报告

静态扫描: suspicious 

Detected: suspicious.dynamic_code_execution
README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1774226911097,
        "_id": "k978j7bn9br6x507t04hranvqh83erwy",
        "changelog": "SX-security-audit v1.0.0 introduces a comprehensive skill for security audits on files, code, dependencies, and systems.\n\n- Performs checks on file permissions, world-writable files, dependencies, environment variables, git ignore\/security, network ports, shell and macOS security, and secret\/key leaks.\n- Supports CLI usage with selectable modules, severity filtering, JSON output, and custom configuration files.\n- Integrates precise key\/secret detection with regex and entropy checks; covers AWS, GitHub, Slack, OpenAI, JWT, and private keys.\n- Generates rich, filterable reports with summaries, actionable findings, and can send results in multiple formats to Feishu.\n- Configuration supports path exclusions, severity thresholds, report formatting, and flexible report delivery via Feishu plugin or webhook.",
        "changelogSource": "auto",
        "createdAt": 1774226911097,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "13256659129",
        "handle": "13256659129",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/116622465?v=4",
        "kind": "user",
        "linkedUserId": "kn77w24vrz8s9nt00nnd7vqh5982p5d6"
    },
    "ownerHandle": "13256659129",
    "skill": {
        "_creationTime": 1774226911097,
        "_id": "kd7fafbtgjagpjxg2b7v8rj68583fefq",
        "badges": [],
        "createdAt": 1774226911097,
        "displayName": "References",
        "latestVersionId": "k978j7bn9br6x507t04hranvqh83erwy",
        "ownerUserId": "kn77w24vrz8s9nt00nnd7vqh5982p5d6",
        "slug": "references",
        "stats": {
            "comments": 0,
            "downloads": 39,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "全方位安全审计技能。检查文件权限、环境变量、依赖漏洞、配置文件、网络端口、Git 安全、Shell 安全、macOS 安全、密钥检测等。支持 CLI 参数、JSON 输出、配置文件。当用户要求\"安全检查\"、\"漏洞扫描\"、\"权限检查\"、\"安全审计\"时使用此技能。",
        "tags": {
            "latest": "k978j7bn9br6x507t04hranvqh83erwy"
        },
        "updatedAt": 1774227408437
    }
}