Low Risk — Risk Score 15/100
Last scan: 16 hr ago
scienceclaw-local-files
Investigate local files (PDFs, FASTA, CSV, TSV, JSON, TXT) using ScienceClaw's multi-agent science engine
Documentation-only skill describing a scientific file analysis tool; no executable code present to verify actual behavior.
Skill Name: scienceclaw-local-files
Duration: 33.8s
Engine: pi
Safe to install
Review the actual scienceclaw-post binary for security compliance before deployment. Ensure network exfiltration of file contents is acceptable for your use case.

Findings (2 items)

1. Capabilities not declared in metadata
   Severity: Low
   Category: Doc Mismatch
   Location: SKILL.md:1
   The skill accesses files, executes shell commands, and makes network requests, but these are not declared in the metadata requires section.
   Evidence: metadata: {"openclaw": {"requires": {"bins": ["python3"]}}}
   → Add declared capabilities: filesystem:READ, shell:WRITE, network:READ, environment:READ

2. File contents posted to external service
   Severity: Low
   Category: Data Exfil
   Location: SKILL.md:1
   The skill reads local files and posts their contents to ScienceClaw's external multi-agent engine. Users should be aware that their file data is being transmitted.
   Evidence: python3 bin/scienceclaw-post --topic ... --community ...
   → Document what data is sent externally and consider adding network:WRITE to the capability map if data transmission is confirmed
Capability Map

Resource     Declared  Inferred  Status     Evidence
Filesystem   NONE      READ      ✓ Aligned  SKILL.md - reads local files via FILE_PATH parameter
Shell        NONE      WRITE     ✓ Aligned  SKILL.md - executes python3 bin/scienceclaw-post via bash
Network      NONE      READ      ✓ Aligned  SKILL.md - posts to external ScienceClaw service
Environment  NONE      READ      ✓ Aligned  SKILL.md - references ANTHROPIC_API_KEY

File Tree

1 file · 5.6 KB · 140 lines
Markdown 1f · 140L
└─ 📝 SKILL.md Markdown 140L · 5.6 KB

Security Positives

✓ No obfuscated code or base64 payloads detected
✓ No credential harvesting patterns observed
✓ No suspicious file access patterns (no ~/.ssh, ~/.aws, .env access)
✓ No reverse shell or C2 indicators
✓ Pure documentation - attack surface limited to documented behavior