风险评分

41/100 (Medium)

OpenClaw: suspicious
VirusTotal: suspicious
StaticScan: unknown

Secrets Scanner

作者: Anmol Nagpal
Slug:secrets-scanner
版本:1.0.0
更新时间:2026-03-24 12:58:20
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's purpose (scanning IaC/configs for secrets) matches most of its instructions, but there are ambiguous/contradictory guidance items that could cause users to accidentally expose real secrets...

[内容已截断]

VirusTotal: suspicious VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1772419935347,
        "_id": "k97fhysf6hc0yfvzdvbv0n5ef1824h0p",
        "changelog": "aws-secrets-scanner 1.0.0 - Initial Release\n\n- Detects hardcoded secrets, API keys, and credential misconfigurations in IaC and config files.\n- Instruction-only: analyzes exported data provided by the user; does not access AWS accounts or run AWS CLI commands directly.\n- Supports scanning Terraform, CloudFormation, CDK, and extracted environment variable names from Lambda\/ECS.\n- Identifies various secret types including AWS keys, API tokens, SSH keys, connection strings, and hardcoded passwords.\n- Produces actionable findings, risk assessment, and migration\/remediation guidance (including AWS Secrets Manager integration and Git history cleanup).\n- Protects sensitive data—never outputs raw credentials, only their locations and recommended next steps.",
        "changelogSource": "auto",
        "createdAt": 1772419935347,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "Anmol Nagpal",
        "handle": "anmolnagpal",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/4303310?v=4",
        "kind": "user",
        "linkedUserId": "kn725581p5042szc5kfkvcmsd182357s"
    },
    "ownerHandle": "anmolnagpal",
    "skill": {
        "_creationTime": 1772419935347,
        "_id": "kd74dkb4xk2zccgwbfcenmkjd58254e4",
        "badges": [],
        "createdAt": 1772419935347,
        "displayName": "Secrets Scanner",
        "latestVersionId": "k97fhysf6hc0yfvzdvbv0n5ef1824h0p",
        "ownerUserId": "kn725581p5042szc5kfkvcmsd182357s",
        "slug": "secrets-scanner",
        "stats": {
            "comments": 0,
            "downloads": 242,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "Detect hardcoded secrets, exposed API keys, and credential misconfigurations in IaC and config files",
        "tags": {
            "latest": "k97fhysf6hc0yfvzdvbv0n5ef1824h0p"
        },
        "updatedAt": 1774328300305
    }
}