Low risk — Risk score 10/100
Last scan: 1 day ago
file-sender
Find and send local files to a chat channel (Telegram, Discord, WhatsApp, Signal, Slack) with age-encrypted credential management
The skill is a legitimate file-sending and credential-management utility with age encryption. All operations are documented, the security model (RAM staging, secure deletion, encrypted-at-rest credentials) is well-designed, and no malicious patterns were found.
Skill name: file-sender
Analysis time: 39.4s
Engine: pi
Verdict: safe to install
No blocking action needed. Optionally audit the openclaw CLI dependency and restrict the file search scope to ~ or /home to limit exposure to system-wide enumeration.

Security findings (1)

Severity: Low
Finding: System-wide file enumeration (sensitive access)
Location: SKILL.md:38
SKILL.md example shows `find / -name 'filename*' -readable -type f`, which enumerates the entire filesystem. While read-only and permission-filtered, it could touch sensitive system paths like /proc, /sys, /root.
find / -name "filename*" -readable -type f 2>/dev/null
→ Restrict the search to user-accessible paths like ~, /home, or /tmp for safer default behavior
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | READ | WRITE | ✓ Consistent | send_file.py:47-57 — stages file to /dev/shm; cred_manager.py:119 — writes decry…
Command execution | WRITE | WRITE | ✓ Consistent | send_file.py:82 — subprocess.run(openclaw); cred_manager.py:36,47,67 — subproces…
Network access | READ | READ | ✓ Consistent | send_file.py:82 — openclaw message send (outbound messaging only, no inbound fet…
Environment variables | NONE | NONE | | No os.environ iteration; key path is hardcoded as a path, not an env var
Skill invocation | NONE | NONE | | No recursive skill invocations found

Directory structure

4 files · 19.0 KB · 526 lines
Python 2f · 361L Markdown 1f · 160L JSON 1f · 5L
├─ 📁 scripts
│ ├─ 🐍 cred_manager.py Python 246L · 8.4 KB
│ └─ 🐍 send_file.py Python 115L · 3.6 KB
├─ 📋 _meta.json JSON 5L · 141 B
└─ 📝 SKILL.md Markdown 160L · 6.8 KB

Dependency analysis (3)

Package | Version | Source | Known vulnerabilities | Notes
openclaw | unknown | system CLI | - | External CLI dependency; not in requirements.txt; security depends on openclaw's own implementation
age | unknown | system CLI | none known | Standard age encryption tool
age-keygen | unknown | system CLI | - | Part of the age package

Security highlights

✓ No obfuscation: all code is plain-text Python, no base64, no eval/atob
✓ No external network connections: openclaw is the sole outbound channel, called via subprocess
✓ No credential exfiltration: credentials stay encrypted at rest in ~/Documenti/credentials/
✓ Secure memory handling: plaintext decrypted to RAM (/dev/shm), zeroed from memory after use
✓ Secure deletion: plaintext overwritten with zeros + fsync before unlink
✓ Encryption is legitimate: age X25519 + ChaCha20-Poly1305 + Argon2id is a proper modern cipher suite
✓ RAG indexing blacklist: credentials/ explicitly excluded from RAG index
✓ No reverse shell, no C2, no data theft indicators
✓ All subprocess calls are documented and necessary for the feature
✓ File size validation (50 MB Telegram limit) prevents resource exhaustion