Risk Score

94/100 (Very Low)

OpenClaw: benign
VirusTotal: benign
StaticScan: unknown

Security Audit (Sona)

Author: virtaava
Slug: sona-security-audit
Version: 0.1.3
Updated: 2026-02-26 11:17:26
Risk Information

OpenClaw: benign

OpenClaw analysis summary (preview of the first 200 characters)
The skill is a coherent, fail-closed static auditing tool that requires trufflehog, semgrep, jq and python3 and its scripts/installs align with the described purpose — nothing indicates intentional mi...

[Content truncated]

VirusTotal: benign (VT report)

Static scan: unknown

README

README not provided

File list

No file information

Raw JSON data
{
    "latestVersion": {
        "_creationTime": 1769905420223,
        "_id": "k975kt5296j50509q3q72s7gs980bbwk",
        "changelog": "Improve description\/summary for discoverability",
        "changelogSource": "user",
        "createdAt": 1769905420223,
        "parsed": {
            "clawdis": {
                "emoji": "🛡️",
                "install": [
                    {
                        "bins": [
                            "jq"
                        ],
                        "formula": "jq",
                        "id": "brew-jq",
                        "kind": "brew",
                        "label": "Install jq (brew)"
                    },
                    {
                        "bins": [
                            "trufflehog"
                        ],
                        "formula": "trufflehog",
                        "id": "brew-trufflehog",
                        "kind": "brew",
                        "label": "Install trufflehog (brew)"
                    },
                    {
                        "bins": [
                            "semgrep"
                        ],
                        "formula": "semgrep",
                        "id": "brew-semgrep",
                        "kind": "brew",
                        "label": "Install semgrep (brew)"
                    }
                ],
                "requires": {
                    "bins": [
                        "jq",
                        "trufflehog",
                        "semgrep",
                        "python3"
                    ]
                }
            }
        },
        "version": "0.1.3"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "virtaava",
        "handle": "virtaava",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/120133085?v=4",
        "kind": "user",
        "linkedUserId": "kn74vbnetkza33wq7hnktf49k9809h1q"
    },
    "ownerHandle": "virtaava",
    "skill": {
        "_creationTime": 1769872613512,
        "_id": "kd740gzd3akfmcde9f3bhtd6jn808cvh",
        "badges": [],
        "createdAt": 1769872613512,
        "displayName": "Security Audit (Sona)",
        "latestVersionId": "k975kt5296j50509q3q72s7gs980bbwk",
        "ownerUserId": "kn74vbnetkza33wq7hnktf49k9809h1q",
        "slug": "sona-security-audit",
        "stats": {
            "comments": 0,
            "downloads": 2335,
            "installsAllTime": 4,
            "installsCurrent": 4,
            "stars": 1,
            "versions": 4
        },
        "summary": "Fail-closed security auditing for OpenClaw\/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection\/persistence signals, and supply-chain hygiene checks before enabling or installing.",
        "tags": {
            "audit": "k975kt5296j50509q3q72s7gs980bbwk",
            "clawhub": "k975kt5296j50509q3q72s7gs980bbwk",
            "devsecops": "k975kt5296j50509q3q72s7gs980bbwk",
            "latest": "k975kt5296j50509q3q72s7gs980bbwk",
            "openclaw": "k975kt5296j50509q3q72s7gs980bbwk",
            "prompt-injection": "k975kt5296j50509q3q72s7gs980bbwk",
            "security": "k975kt5296j50509q3q72s7gs980bbwk",
            "semgrep": "k975kt5296j50509q3q72s7gs980bbwk",
            "supply-chain": "k975kt5296j50509q3q72s7gs980bbwk",
            "trufflehog": "k975kt5296j50509q3q72s7gs980bbwk"
        },
        "updatedAt": 1772075846791
    }
}