proactive-agent 安全扫描报告 — 可信 | ClawSafe

5 /100

proactive-agent

Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve

This is a legitimate documentation/methodology skill providing proactive agent patterns with comprehensive security hardening practices. No malicious behavior detected.

技能名称proactive-agent

分析耗时34.2s

引擎pi

✓

可以安装

This skill is safe to use. The security audit script and documented security practices are well-designed. Continue using as-is.

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`READ`	✓ 一致	Documentation-only skill, no file operations required
网络访问	`NONE`	`NONE`	—	No network operations in implementation
命令执行	`NONE`	`NONE`	—	Audit script is for user execution only, not auto-run
环境变量	`NONE`	`NONE`	—	No environment variable access
技能调用	`NONE`	`NONE`	—	No skill invocation patterns
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser operations
数据库	`NONE`	`NONE`	—	No database operations

3 项发现

🔗

中危外部 URL 外部 URL

https://x.com/halthelobster

SKILL-v2.3-backup.md:526

🔗

中危外部 URL 外部 URL

https://clawdhub.com/halthelobster/bulletproof-memory

SKILL-v2.3-backup.md:550

🔗

中危外部 URL 外部 URL

https://clawdhub.com/halthelobster/para-second-brain

SKILL-v2.3-backup.md:550

目录结构

14 文件 · 80.9 KB · 2670 行

Markdown 12f · 2516L Shell 1f · 149L JSON 1f · 5L

├─ ▾ 📁 assets

│ ├─ 📝 AGENTS.md Markdown 155L · 3.8 KB

│ ├─ 📝 HEARTBEAT.md Markdown 128L · 2.9 KB

│ ├─ 📝 MEMORY.md Markdown 47L · 836 B

│ ├─ 📝 ONBOARDING.md Markdown 103L · 2.4 KB

│ ├─ 📝 SOUL.md Markdown 40L · 1.4 KB

│ ├─ 📝 TOOLS.md Markdown 55L · 1.0 KB

│ └─ 📝 USER.md Markdown 36L · 926 B

├─ ▾ 📁 references

│ ├─ 📝 onboarding-flow.md Markdown 158L · 4.0 KB

│ └─ 📝 security-patterns.md Markdown 109L · 3.0 KB

├─ ▾ 📁 scripts

│ └─ 🔧 security-audit.sh Shell 149L · 4.0 KB

├─ 📋 _meta.json JSON 5L · 137 B

├─ 📝 SKILL-v2.3-backup.md Markdown 554L · 19.7 KB

├─ 📝 SKILL-v3-draft.md Markdown 499L · 16.6 KB

└─ 📝 SKILL.md Markdown 632L · 20.4 KB

安全亮点

✓ Comprehensive prompt injection defense documented with multiple detection patterns

✓ Security audit script checks credential file permissions (600)

✓ Clear separation between internal actions and external actions requiring approval

✓ External content classification and instruction isolation well-defined

✓ Incident response procedures documented for detected attacks

✓ Skill installation vetting policy to prevent supply chain attacks

✓ Context leakage prevention for shared channels

✓ No dangerous patterns: no base64, no eval, no curl|bash, no credential harvesting

✓ Credential storage in .credentials/ with proper permission guidance

✓ MIT license with clear disclaimer