风险评分

76/100 (Low)

OpenClaw: benign
VirusTotal: suspicious
StaticScan: unknown

Skill Vettr

作者: britrik
Slug:skill-vettr
版本:2.0.3
更新时间:2026-03-24 12:02:14
风险信息

OpenClaw: benign

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill is a coherent static-vetting tool that requests only the binaries and actions needed for AST-based analysis; it exposes normal npm-install and temporary-file risks which are documented in it...

[内容已截断]

VirusTotal: suspicious VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1771158561137,
        "_id": "k97avr55mh9105c2pnr593nzk1816y15",
        "changelog": "v2.0.3 introduces .vettrignore file support, customizable vetting roots, and safer filesystem defaults.\n\n- Added support for .vettrignore files to exclude files\/directories from scans using glob patterns.\n- Introduced allowCwd config option: by default, only os.tmpdir(), ~\/.openclaw, and ~\/Downloads are accepted as vetting roots; set allowCwd: true to scan under the current working directory.\n- Added startup verification for required .wasm artifacts with descriptive error messages when files are missing after install.\n- Added formal install spec to registry metadata declaring npm install command, required .wasm artifacts, and lifecycle script safety notes.\n- Updated documentation to explain filesystem scope, configuration, and .vettrignore format and usage.",
        "changelogSource": "user",
        "createdAt": 1771158561137,
        "parsed": {
            "clawdis": {
                "requires": {
                    "bins": [
                        "node",
                        "git",
                        "curl",
                        "tar",
                        "clawhub"
                    ]
                }
            }
        },
        "version": "2.0.3"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "britrik",
        "handle": "britrik",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/214915099?v=4",
        "kind": "user",
        "linkedUserId": "kn7ew5gbg17d6pmg1sjvqm6qe180p9e5"
    },
    "ownerHandle": "britrik",
    "skill": {
        "_creationTime": 1771152355065,
        "_id": "kd77ehz2bja0e3k2vkmp74x4md816ncc",
        "badges": [],
        "createdAt": 1771152355065,
        "displayName": "Skill Vettr",
        "latestVersionId": "k97avr55mh9105c2pnr593nzk1816y15",
        "ownerUserId": "kn7ew5gbg17d6pmg1sjvqm6qe180p9e5",
        "slug": "skill-vettr",
        "stats": {
            "comments": 0,
            "downloads": 610,
            "installsAllTime": 2,
            "installsCurrent": 1,
            "stars": 0,
            "versions": 2
        },
        "summary": "Static analysis security scanner for third-party OpenClaw skills. Detects eval\/spawn risks, malicious dependencies, typosquatting, and prompt injection patte...",
        "tags": {
            "analysis": "k97avr55mh9105c2pnr593nzk1816y15",
            "latest": "k97avr55mh9105c2pnr593nzk1816y15",
            "scanner": "k97avr55mh9105c2pnr593nzk1816y15",
            "security": "k97avr55mh9105c2pnr593nzk1816y15",
            "static-analysis": "k97avr55mh9105c2pnr593nzk1816y15",
            "vetting": "k97avr55mh9105c2pnr593nzk1816y15"
        },
        "updatedAt": 1774324934450
    }
}