风险评分

59/100 (Medium)

OpenClaw: suspicious
VirusTotal: benign
StaticScan: unknown

ztp

作者: thomastrumpp
Slug:ztp
版本:2.0.0
更新时间:2026-02-26 03:40:39
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill appears to be an AST-based security auditor and mostly matches its stated purpose, but missing provenance, a mismatched runtime path in the documentation, and a few implementation choices (d...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1771192134776,
        "_id": "k97fcxnadm0828pmxd51605z25816q96",
        "changelog": "ZTP 2.0.0 introduces a comprehensive mandatory security audit skill based on the SEP-2026 Zero Trust protocol.\n\n- Enforces static code analysis and supply chain security checks for all new Skills, MCP Servers, and scripts.\n- Provides step-by-step audit workflow and clear criteria for accept\/reject decisions.\n- Integrates the Shield Pro 2.0 analyzer, with optional support for SOTA tools (Bandit, Safety, npm audit, Trivy, Garak).\n- Ensures all code is scanned before use or execution, prioritizing Zero Trust and non-execution principles.\n- Supplies clear usage instructions and actionable output thresholds for manual review or rejection.\n\nInspired by https:\/\/www.youtube.com\/watch?v=AGxcQ-j64Ms&t=2s",
        "changelogSource": "user",
        "createdAt": 1771192134776,
        "version": "2.0.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "thomastrumpp",
        "handle": "thomastrumpp",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/6625060?v=4",
        "kind": "user",
        "linkedUserId": "kn7c9069kny8fjk7cbp85qdpcn80ntx1"
    },
    "ownerHandle": "thomastrumpp",
    "skill": {
        "_creationTime": 1771192134776,
        "_id": "kd7858wap3x7j7yjcepd627zbh816n39",
        "badges": [],
        "createdAt": 1771192134776,
        "displayName": "ztp",
        "latestVersionId": "k97fcxnadm0828pmxd51605z25816q96",
        "ownerUserId": "kn7c9069kny8fjk7cbp85qdpcn80ntx1",
        "slug": "ztp",
        "stats": {
            "comments": 0,
            "downloads": 454,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 1
        },
        "summary": "A mandatory security audit skill for validating new code, skills, and MCP servers against the SEP-2026 Zero Trust protocol.",
        "tags": {
            "latest": "k97fcxnadm0828pmxd51605z25816q96"
        },
        "updatedAt": 1772048439314
    }
}