风险评分

72/100 (Low)

OpenClaw: benign
VirusTotal: suspicious
StaticScan: suspicious

Skill Security Scanner

作者: moer
Slug:skill-sec-scan-en
版本:1.0.0
更新时间:2026-03-24 15:25:50
风险信息

OpenClaw: benign

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's code, scripts, and runtime instructions align with its stated purpose (a local/remote static scanner) and do not request unrelated credentials or installs, but it will execute local shell ...

[内容已截断]

VirusTotal: suspicious VT 报告

静态扫描: suspicious 

Detected: suspicious.dangerous_exec
README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1773831314184,
        "_id": "k978fe9v9qh6c0d24fwhqbtbs58345vf",
        "changelog": "Skill Security Scanner v1.0.0 — Initial Release\n\n- Introduces an enterprise-grade skill security scanner supporting JavaScript, TypeScript, Python, and Shell file types.\n- Detects four major threat categories: data exfiltration, injection attacks, code obfuscation, and trojans\/backdoors.\n- Implements 57 detailed detection rules, covering 60+ dangerous operation patterns.\n- Features an intelligence-driven static analysis engine with quantitative scoring (0–100) and clear risk levels.\n- Supports remote (ClawHub\/GitHub) and local scanning, batch operations, detailed risk reports, and user-defined whitelists.\n- Provides standard report templates, natural language triggers, and full documentation for usage and result interpretation.",
        "changelogSource": "auto",
        "createdAt": 1773831314184,
        "version": "1.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "moer",
        "handle": "torchesfrms",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/42177272?v=4",
        "kind": "user",
        "linkedUserId": "kn7ewfx332mk3nevrwg0b59avh80jffv"
    },
    "ownerHandle": "torchesfrms",
    "skill": {
        "_creationTime": 1773831314184,
        "_id": "kd7cecgv22rjgdksnj24t3vbzh8342n4",
        "badges": [],
        "createdAt": 1773831314184,
        "displayName": "Skill Security Scanner",
        "latestVersionId": "k978fe9v9qh6c0d24fwhqbtbs58345vf",
        "ownerUserId": "kn7ewfx332mk3nevrwg0b59avh80jffv",
        "slug": "skill-sec-scan-en",
        "stats": {
            "comments": 0,
            "downloads": 51,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "自动检测 JavaScript、TypeScript、Python 和 Shell 文件中的数据外泄、注入、代码混淆与木马后门等安全风险并生成详细报告。",
        "tags": {
            "latest": "k978fe9v9qh6c0d24fwhqbtbs58345vf"
        },
        "updatedAt": 1774337150204
    }
}