Low risk: risk score 20/100
Last scan: 1 day ago
Config Tracker
Automatically tracks and commits changes to OpenClaw configuration files and key markdown files
A legitimate OpenClaw configuration tracking plugin that uses undeclared shell execution for git operations but shows no malicious intent or data exfiltration behavior.
Skill name: Config Tracker
Analysis time: 49.8s
Engine: pi
Verdict: can be installed
Add an explicit allowed-tools declaration in SKILL.md listing shell:WRITE for git operations. Consider documenting the shell dependency to reduce ambiguity.

Security findings (2)

Severity | Finding | Location

Low | Undeclared shell execution capability (documentation deception) | config-tracker.js:100
SKILL.md does not declare the use of spawnSync for executing git commands. This is necessary for the stated functionality but violates transparency requirements.
const result = spawnSync('git', [...configArgs, ...args], {...})
→ Add 'allowed-tools: Bash→shell:WRITE' to SKILL.md to declare git command execution capability

Low | Accesses potentially sensitive config file (sensitive access) | config-tracker.js:228
The plugin reads ~/.openclaw/openclaw.json, which may contain API keys and provider configurations. However, the code only tracks changes via git; it does not extract credentials.
const openclawConfigPath = expandTilde(this.config.openclawConfig);
→ Document that the skill accesses openclaw.json for change tracking purposes only

Resource | Declared | Inferred | Status | Evidence
File system | NONE | READ | ✓ consistent | config-tracker.js:228 - reads openclaw.json and workspace files without declarat…
Command execution | NONE | WRITE | ✗ exceeds declaration | config-tracker.js:100 - spawnSync('git', ...) executes shell commands without de…
Network access | NONE | NONE | | No network operations observed
Environment variables | NONE | READ | ✓ consistent | config-tracker.js:94 - copies process.env but only for git execution, not creden…

External URLs (1 finding)

Medium | External URL | https://openclaw.ai/schemas/plugin-manifest.v1.json | openclaw.plugin.json:2

Directory structure

6 files · 16.6 KB · 559 lines
JavaScript: 2 files, 397 lines · JSON: 3 files, 97 lines · Markdown: 1 file, 65 lines
├─ 📜 config-tracker.js JavaScript 387L · 12.0 KB
├─ 📜 index.js JavaScript 10L · 168 B
├─ 📋 openclaw.plugin.json JSON 69L · 1.7 KB
├─ 📋 package.json JSON 17L · 388 B
├─ 📋 plugin.json JSON 11L · 273 B
└─ 📝 SKILL.md Markdown 65L · 2.1 KB

Dependency analysis (4)

Package | Version | Source | Known vulnerabilities | Notes
node:fs/promises | builtin | node | | Node.js built-in module
node:path | builtin | node | | Node.js built-in module
node:os | builtin | node | | Node.js built-in module
node:child_process | builtin | node | | Node.js built-in module; spawnSync used for git

Security highlights

✓ No credential harvesting - process.env is only copied for git execution environment, not for extracting secrets
✓ No network exfiltration - all operations are local git commits
✓ No obfuscation or encoded payloads
✓ Git operations are scoped to specific tracked files, not broad repository scanning
✓ Uses spawnSync (synchronous) rather than exec for controlled execution
✓ Includes 5-second cooldown to prevent rapid-fire commits
✓ No remote script execution (curl|bash, wget|sh)
✓ Dependencies are minimal and pinned (only Node.js built-ins)