中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:1 day ago Rescan
5 /100
skill-drift-guard
Trust-then-verify integrity scanner for local repos and OpenClaw skills
This is a legitimate integrity scanner that detects risky patterns in AI skills. The documented 'curl | bash' is a threat pattern being detected, not executed code. The tool performs only local file analysis with no exfiltration capabilities.
Skill Nameskill-drift-guard
Duration41.1s
Enginepi
Safe to install
This skill is safe to use. No security concerns identified.
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned SKILL.md declares scan/trust/compare workflows; scanner.js reads files only for …
Shell WRITE WRITE ✓ Aligned Uses 'node' CLI to run scanner; child_process detection is for scanning targets,…
Network NONE NONE No network imports or external requests found in code
Environment NONE NONE No os.environ access or credential harvesting
Skill Invoke NONE NONE No inter-skill invocation
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database NONE NONE No database access
1 Critical 1 findings
💀
Critical Dangerous Command 危险 Shell 命令
curl | bash
SKILL.md:77

File Tree

6 files · 83.4 KB · 2868 lines
JavaScript 5f · 2751L Markdown 1f · 117L
├─ 📁 scripts
│ ├─ 📜 cli.js JavaScript 756L · 23.1 KB
│ ├─ 📜 reporters.js JavaScript 588L · 19.7 KB
│ ├─ 📜 rules.js JavaScript 210L · 4.8 KB
│ ├─ 📜 scanner.js JavaScript 1194L · 32.2 KB
│ └─ 📜 version.js JavaScript 3L · 41 B
└─ 📝 SKILL.md Markdown 117L · 3.5 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
none N/A none No Uses only Node.js built-in modules (fs, path, crypto)

Security Positives

✓ No external network requests or data exfiltration
✓ No credential harvesting or environment variable access
✓ No arbitrary code execution (scanner only reads/analyzes, doesn't execute scanned code)
✓ No base64 obfuscation or eval() usage in self
✓ Uses only Node.js standard library (fs, path, crypto) - no external dependencies
✓ Well-documented threat detection patterns
✓ Includes trust-then-verify workflow for safe baseline management
✓ Supports suppression config to reduce false positives
✓ Pattern detection is for defensive scanning, not offensive execution