Scan report
20/100
lark-openclaw-bridge
Personal memo assistant, triggered when the user message starts with `/private-secretary` or `/ps`. Features: 1. Automatically classifies and appends user input to the corresponding Markdown file in `~/.memo`. 2. Automatically re-classifies and reorganizes all memos under `~/.memo` when the input is 'rearrange'
Single-file SKILL.md describes a memo-classification tool that writes Markdown files to ~/.memo using shell commands, but references a non-existent 'exec' tool not in the allowed-tools mapping and never declares the shell:WRITE permission required.
Can be installed
Rename the 'exec' tool reference to 'Bash' to match the actual allowed-tool name, and explicitly declare filesystem:WRITE + shell:WRITE in the SKILL.md header capabilities section so the permission grant is auditable.
Security findings: 2
| Severity | Finding | Location |
|---|---|---|
| Low | Undeclared shell:WRITE permission (documentation deception) | SKILL.md:1 |
| Low | Reference to non-existent 'exec' tool (documentation deception) | SKILL.md:19 |

| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | WRITE | ✓ Consistent | SKILL.md: mkdir -p ~/.memo; printf ... >> ~/.memo/{{category}}.md |
| Command execution | NONE | WRITE | ✓ Consistent | SKILL.md: 'Use the exec tool to run shell commands' — shell:WRITE permission is … |
Directory structure
1 file · 1.6 KB · 31 lines (Markdown: 1 file · 31 lines)
└─ SKILL.md (Markdown)
Security highlights
✓ No malicious code present — only a single Markdown documentation file
✓ No credential harvesting or environment variable enumeration
✓ No network calls, data exfiltration, or C2 communication
✓ No obfuscation, base64 encoding, or anti-analysis patterns
✓ No download-and-execute patterns (curl|bash, wget|sh)
✓ No sensitive file access beyond the intended ~/.memo directory
✓ Behavior (write memos to ~/.memo) is straightforward and matches stated purpose