openclaw-livestock-assistant 安全扫描报告 — 可信 | ClawSafe

0 /100

openclaw-livestock-assistant

AI-powered livestock management assistant for Spanish-speaking farmers with a REST API for herd record-keeping

This skill consists entirely of documentation and reference markdown files. No implementation code, scripts, or executables are present, and all declared capabilities (AI chat via external providers, local REST API) are clearly documented.

技能名称openclaw-livestock-assistant

分析耗时33.9s

引擎pi

✓

可以安装

No security action required. If this skill is deployed, ensure actual implementation files (Node.js/Express server, TypeScript source) are reviewed separately before execution.

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file access code in repository
网络访问	`READ`	`READ`	✓ 一致	SKILL.md line 1 - references localhost:3000 REST API; AI providers are declared
命令执行	`NONE`	`NONE`	—	No bash/shell scripts found (pre-scan confirmed no scripts/)
环境变量	`READ`	`READ`	✓ 一致	SKILL.md - OPENAI_API_KEY, ANTHROPIC_API_KEY, GOOGLE_GENERATIVE_AI_API_KEY decla…
技能调用	`NONE`	`NONE`	—	No skill-to-skill invocations found
剪贴板	`NONE`	`NONE`	—	No clipboard access code
浏览器	`NONE`	`NONE`	—	No browser automation code
数据库	`READ`	`READ`	✓ 一致	references/api.md - GET/POST/PATCH/DELETE /api/animals, all documented

目录结构

5 文件 · 16.8 KB · 462 行

Markdown 5f · 462L

├─ ▾ 📁 references

│ ├─ 📝 api.md Markdown 126L · 2.6 KB

│ ├─ 📝 breeds.md Markdown 52L · 1.9 KB

│ ├─ 📝 diseases.md Markdown 93L · 4.1 KB

│ └─ 📝 nutrition.md Markdown 79L · 4.0 KB

└─ 📝 SKILL.md Markdown 112L · 4.2 KB

安全亮点

✓ Only documentation files present — no executable code, scripts, or binaries in the repository

✓ All API key requirements (OPENAI_API_KEY, ANTHROPIC_API_KEY, GOOGLE_GENERATIVE_AI_API_KEY) are explicitly declared in SKILL.md

✓ No hidden functionality — references/ subdirectory contains only legitimate agricultural reference data (breeds, diseases, nutrition)

✓ No credential harvesting or exfiltration patterns detected

✓ No obfuscation, base64-encoded payloads, or anti-analysis techniques

✓ No sensitive file access (ssh, aws, .env files)

✓ No network IOCs or external IP communication

✓ No supply chain risk — no dependencies declared (no package.json, requirements.txt, or Cargo.toml)