扫描报告
0 /100
jcvd
Authorization gatekeeper for OpenClaw agents. Scoped grants, time-bound permissions, skill scanning, prompt injection detection, and full audit trail.
Jean-Claw Van Damme is a legitimate authorization gatekeeper skill that performs security scanning and audit logging. No malicious behavior detected.
可以安装
This skill is safe to install. It functions as documented: a pure markdown authorization framework with helper scripts for scanning and audit export.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | READ | ✓ 一致 | SKILL.md (implicit): reads target skill files during scan |
| 命令执行 | NONE | WRITE | ✓ 一致 | scan-skill.sh, audit-export.sh: grep/cp operations scoped to target skill direct… |
2 项发现
中危 外部 URL 外部 URL
https://agenticpoa.com README.md:9 中危 外部 URL 外部 URL
https://snyk.io/blog/clawhub-malicious-google-skill-openclaw-malware/ README.md:13 目录结构
5 文件 · 27.0 KB · 801 行 Markdown 2f · 431L
Shell 2f · 305L
JSON 1f · 65L
├─
audit-export.sh
Shell
├─
policy.json
JSON
├─
README.md
Markdown
├─
scan-skill.sh
Shell
└─
SKILL.md
Markdown
安全亮点
✓ Pure markdown skill -- no compiled code, fully readable
✓ No external dependencies or third-party packages
✓ No obfuscation or encoded payloads anywhere
✓ Helper scripts are documented in README.md architecture section
✓ Security-focused tool: prompt injection detection, skill scanning, audit logging
✓ No credential harvesting, data exfiltration, or network exfiltration behavior
✓ No base64-encoded payloads or dynamic code execution
✓ No references to sensitive paths (~/.ssh, ~/.aws, .env)
✓ scan-skill.sh correctly detects its own patterns as a self-referential security scanner
✓ Open source MIT license, author from known organization (agenticpoa)