Suspicious: risk score 55/100
Last scan: 22 hours ago
rundev-local-dev
Local dev environment manager. Process management, automatic HTTPS domains, SSL certificates, reverse proxy, and AI crash diagnosis
The skill describes a legitimate local dev tool but relies on dangerous curl|bash installation and requires opaque system-level modifications including permanent NOPASSWD sudo access.
Skill name: rundev-local-dev
Analysis time: 55.3s
Engine: pi
Use with caution
Do not use the curl|bash installation. If needed, download the install script first, manually review and verify its contents, and consider building from source. The permanent sudoers rule poses significant risk.

Attack chain (5 steps)

Entry: User executes the curl|bash installation command
SKILL.md:83
Privilege escalation: Remote server serves a potentially malicious install.sh
https://getrun.dev/install.sh:1
Privilege escalation: Install script executes with sudo privileges and creates a NOPASSWD rule
install.sh (hidden):unknown
Privilege escalation: Binary installed to /usr/local/bin, iptables rules set up, hosts file modified
install.sh (hidden):unknown
Impact: Malicious binary with permanent sudo access runs with elevated privileges
/usr/local/bin/rundev:unknown

Security findings (5)

Severity · Finding · Location
High
Dangerous curl|bash Installation Pattern (Supply chain)
Line 83 executes remote script directly from getrun.dev without verification. This is a well-known attack vector where the remote server could serve different content per request, enabling supply chain compromise.
curl -fsSL https://getrun.dev/install.sh | bash
→ Download the install script first with 'curl -fsSL https://getrun.dev/install.sh -o install.sh', review contents, then execute locally.
SKILL.md:83
High
Undeclared Permanent Sudoers Rule (Privilege escalation)
The installer creates a NOPASSWD sudoers rule for hosts management. This grants permanent elevated privileges without declaring it as a capability. This rule persists across reboots and could be abused.
Installs a hosts helper script with a NOPASSWD sudoers rule
→ Review the sudoers rules installed. Consider using alternative privilege separation or requesting user confirmation for sudo access.
SKILL.md:86
High
Hidden Installation Script Contents (Documentation deception)
The SKILL.md describes what the installer does but the actual install.sh script contents are not visible. Users cannot verify what commands will actually execute, including potential data collection or additional downloads.
What the installer does (fully transparent, reversible...)
→ Provide the full install.sh script content in the skill documentation for transparency and verification.
SKILL.md:84
Medium
Unverified Prebuilt Binary Download (Supply chain)
The installer downloads a prebuilt binary from getrun.dev with no checksum verification. An attacker compromising the domain could serve a malicious binary.
Downloads prebuilt binary to /usr/local/bin/rundev
→ Use the source-based installation: 'git clone && make install' to compile from verified source code.
SKILL.md:85
Medium
System-Level Persistence Mechanisms (Persistence)
Installer sets up persistent configurations: iptables NAT rules, pfctl anchors, hosts file modifications, and state persistence in state.json. These create multiple persistence vectors.
Sets up port forwarding: port 80 → 1111, port 443 → 1112 (localhost only)
→ Document all persistence mechanisms clearly and provide easy uninstall to remove all traces.
SKILL.md:86
Resource type | Declared permission | Inferred permission | Status | Evidence
File system | WRITE | WRITE | ✓ Consistent | SKILL.md:80-85 - /usr/local/bin, /etc/hosts, ~/.config/rundev/
Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md:83 - curl|bash execution
Network access | READ | WRITE | ✗ Exceeds declaration | SKILL.md:83 - Downloads binary from getrun.dev
Environment variables | NONE | NONE | | No environment access declared or observed
Skill invocation | NONE | NONE | | No cross-skill invocation
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser automation
Database | NONE | NONE | | No database access
1 critical · 6 findings
Critical: Dangerous shell command
curl -fsSL https://getrun.dev/install.sh | bash
SKILL.md:83
Medium: External URL
https://getrun.dev
SKILL.md:22
Medium: External URL
https://getrun.dev/install.sh
SKILL.md:83
Medium: External URL
https://api.myapp.local
SKILL.md:193
Medium: External URL
https://docs.anthropic.com/en/docs/claude-code
SKILL.md:257
Info: Email address
[email protected]
SKILL.md:21

Directory structure

1 file · 12.4 KB · 323 lines
Markdown: 1 file · 323 lines
└─ SKILL.md (Markdown, 323 lines, 12.4 KB)

Security highlights

✓ Full documentation of what the installer does (though script content is hidden)
✓ Includes automatic rollback on failure
✓ Network rules are localhost-only (127.0.0.1)
✓ Explicit consent screen before system changes
✓ Provides uninstall command to reverse all changes
✓ Source code available on GitHub for verification (though not used by default install)