风险评分

65/100 (Medium)

OpenClaw: suspicious
VirusTotal: benign
StaticScan: clean

Security Constitution

作者: byronbanck-AI
Slug:security-constitution
版本:1.0.0
更新时间:2026-03-26 23:41:50
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's purpose (policy/risk enforcement) matches its declared files and paths, but its runtime instructions are vague about how sensitive data (passwords, owner identity) are stored and handled a...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: clean 

No suspicious patterns detected.
README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1774537518733,
        "_id": "k97528re30b31ebv7vpz1ab0e983m768",
        "changelog": "Initial release of security-constitution, implementing enterprise-grade, four-level risk control for OpenClaw:\n\n- Introduces L1–L4 risk assessment with distinct handling for each level (deny, confirm with password, log, direct allow).\n- Adds password re-authentication for sensitive operations and owner-only confirmations.\n- Implements comprehensive operation logging for auditing purposes.\n- Enforces absolute lockout on owner change, password change, and any attempt to bypass security mechanisms—these cannot be overridden.\n- Provides detailed hooks for operation pre- and post-processing, password failure, and bypass attempts.\n- Offers clear response templates and workflows for risk actions and user confirmations.",
        "changelogSource": "auto",
        "createdAt": 1774537518733,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "s173a1k4skxsrhm2kqz92kz4g183mj9q",
        "displayName": "byronbanck-AI",
        "handle": "byronbanck-ai",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/266997353?v=4",
        "kind": "user",
        "linkedUserId": "kn75q8ft1jarmf1542ftgfpv4d82s32e"
    },
    "ownerHandle": "byronbanck-ai",
    "skill": {
        "_creationTime": 1774537518733,
        "_id": "kd7596p9a2c1bxnv9b35fhjdm183nwhe",
        "badges": [],
        "createdAt": 1774537518733,
        "displayName": "Security Constitution",
        "latestVersionId": "k97528re30b31ebv7vpz1ab0e983m768",
        "ownerPublisherId": "s173a1k4skxsrhm2kqz92kz4g183mj9q",
        "ownerUserId": "kn75q8ft1jarmf1542ftgfpv4d82s32e",
        "slug": "security-constitution",
        "stats": {
            "comments": 0,
            "downloads": 27,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "为 OpenClaw 提供企业级安全保障的四级风险控制技能。 - 四级风险评估(L1-L4):L1直接拒绝,L2密码确认,L3记录放行,L4直接放行 - 密码二次验证:敏感操作需主人确认 - 操作日志审计:记录所有操作供审计 - 绝对锁定:改密码\/改owner\/绕过安全机制均无法执行 ⚠️ 此技能是 AGENTS...",
        "tags": {
            "latest": "k97528re30b31ebv7vpz1ab0e983m768"
        },
        "updatedAt": 1774539710399
    }
}