47/100 (Medium)

OpenClaw： suspicious
VirusTotal： suspicious
StaticScan： clean

OpenClaw： suspicious

The skill's declared behavior (sandbox-only gray-box fuzzer that spawns a worker subagent and probes installed skills) is generally coherent with its instructions, but there are a few mismatches and o...

[内容已截断]

VirusTotal： suspicious VT 报告

静态扫描： clean

No suspicious patterns detected.

README 未提供

{
    "latestVersion": {
        "_creationTime": 1774824285855,
        "_id": "k97cwqtjsk0jxdbrfv3x6154d583t1da",
        "changelog": "Initial release of safe-fuzzer.\n\n- Provides a gray-box, behavior-led fuzzer for installed skills, operating only inside a locked sandbox.\n- Orchestrates fuzzing using a parent\/worker agent model, with parent setup and worker executing probes.\n- Supports configurable presets for probe depth (`min`, `balanced`, `max`), with CLI invocation and timeout recommendations.\n- Deploys honeypot fixtures, probes skill execution, records file\/shell\/network behavior, and returns a structured JSON risk report.\n- Includes strict safety gates to prevent host compromise, secrets leakage, or running outside the sandbox.\n- Comprehensive execution flow: preflight, target resolution, test strategy planning, fixture deployment, probe loop, and final reporting.",
        "changelogSource": "user",
        "createdAt": 1774824285855,
        "parsed": {
            "clawdis": {
                "skillKey": "safe-fuzzer"
            }
        },
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "s175swzq6x653fz70w4br6z8ds83q7ac",
        "displayName": "Agentsey",
        "handle": "agentsey",
        "kind": "org"
    },
    "ownerHandle": "agentsey",
    "skill": {
        "_creationTime": 1774824285855,
        "_id": "kd76mb08fqvm2b33dtx4ck6a3183vx4p",
        "badges": [],
        "canonicalSkillId": "kd715dkx87cz5jrgscpevwxqnn83vqda",
        "createdAt": 1774824285855,
        "displayName": "SAFE-Fuzzer",
        "forkOf": {
            "at": 1774824285855,
            "kind": "duplicate",
            "skillId": "kd715dkx87cz5jrgscpevwxqnn83vqda"
        },
        "latestVersionId": "k97cwqtjsk0jxdbrfv3x6154d583t1da",
        "ownerPublisherId": "s175swzq6x653fz70w4br6z8ds83q7ac",
        "ownerUserId": "kn75tjww6p5973r3fgqa7240m583q53t",
        "slug": "safe-fuzzer-skill",
        "stats": {
            "comments": 0,
            "downloads": 10,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "Sandbox-only behavior-led gray-box skill fuzzer. Spawns a worker subagent, probes an installed target skill, deploys honeypot fixtures, and returns a structu...",
        "tags": {
            "latest": "k97cwqtjsk0jxdbrfv3x6154d583t1da"
        },
        "updatedAt": 1774826211561
    }
}