OpenClaw: benign
VirusTotal: suspicious
StaticScan: clean
OpenClaw: benign
The skill is internally consistent with a local Chrome/CDP automation toolkit: it contains only instructions for running a local silmaril.cmd toolkit and warns about high-risk operations, but you shou... [内容已截断]
VirusTotal: suspicious VT 报告
静态扫描: clean
No suspicious patterns detected.
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1773419847762,
"_id": "k9799gm3z2fq7xesc4m3atd8ex82tq1q",
"changelog": "### Security\n\n - Added explicit safeguard enforcement for high-risk commands.\n - eval-js now requires --allow-unsafe-js, or SILMARIL_ALLOW_UNSAFE_JS=1 in a trusted local session.\n - proxy-override, proxy-switch, and openurl-proxy now require --allow-mitm, or SILMARIL_ALLOW_MITM=1 in a trusted local session.\n - Proxy helper commands now enforce loopback-only binding by default. Non-local proxy binding requires explicit --allow-nonlocal-bind.\n\n ### Changed\n\n - Updated eval-js to record the safeguard acknowledgement source in JSON output.\n - Updated proxy commands to record the safeguard acknowledgement source in JSON output.\n - Updated dispatcher help text to show the new safeguard flags in command usage.\n - Updated the openurl-proxy missing-rules guidance to show the new --allow-mitm requirement.\n\n ### Documentation\n\n - Updated the silmaril-cdp skill documentation to mark eval-js, proxy-override, proxy-switch, and openurl-proxy as high-risk commands.\n - Added guidance that cloning or installing the toolkit should only happen after explicit user approval.\n - Updated command examples in the skill references, COMMAND_GUIDE.md, and MITM docs to include the new safeguard flags.\n - Documented the new environment variable overrides for trusted local sessions.\n\n ### Tests\n\n - Added unit tests for high-risk safeguard enforcement on eval-js, openurl-proxy, proxy-override, and proxy-switch.\n - Added unit tests for shared helper behavior covering truthy opt-in values and loopback host validation.\n - Verified the unit test suite passes after the safeguard changes.",
"changelogSource": "user",
"createdAt": 1773419847762,
"version": "1.0.2"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "Malac12",
"handle": "malac12",
"image": "https:\/\/avatars.githubusercontent.com\/u\/162802781?v=4",
"kind": "user",
"linkedUserId": "kn73cqypmshp4p3seq2fkzr95n81gr8e"
},
"ownerHandle": "malac12",
"skill": {
"_creationTime": 1773157926830,
"_id": "kd71phxgf797rk23eswn72dtb582nacc",
"badges": [],
"createdAt": 1773157926830,
"displayName": "Silmaril Ranger",
"latestVersionId": "k9799gm3z2fq7xesc4m3atd8ex82tq1q",
"ownerUserId": "kn73cqypmshp4p3seq2fkzr95n81gr8e",
"slug": "silmaril-cdp",
"stats": {
"comments": 2,
"downloads": 204,
"installsAllTime": 0,
"installsCurrent": 0,
"stars": 1,
"versions": 3
},
"summary": "Browser automation, DOM inspection, page mutation, wait orchestration, flow execution, and local proxy override work through the Silmaril Chrome DevTools Pro...",
"tags": {
"latest": "k9799gm3z2fq7xesc4m3atd8ex82tq1q"
},
"updatedAt": 1774331450829
}
}