杠精 (gangjing) 安全扫描报告 — 可信 | ClawSafe

5 /100

杠精 (gangjing)

A contrarian review and red-team skill for product, architecture, and code decisions — challenges technical assumptions and can run code attack engines

杠精 is a legitimate red-team code review skill containing only Markdown reference documentation and a non-executable harness template; no actual scripts, credentials, network calls, or obfuscation are present.

技能名称杠精 (gangjing)

分析耗时34.7s

引擎pi

✓

可以安装

No action needed. This skill is a pure documentation package — no actual executable code is included. If deploying the canonical full-repo version, ensure scripts/ are reviewed for proper sandboxing as documented.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	SKILL.md references/ — only Markdown files present, no write operations
网络访问	`NONE`	`NONE`	—	No network calls in any file
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md shell:WRITE declared for running harness.py/js; scripts/ absent in this…
环境变量	`NONE`	`NONE`	—	No environment variable access in any file
技能调用	`NONE`	`NONE`	—	No inter-skill invocation
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser access
数据库	`NONE`	`NONE`	—	No database access

1 严重 2 项发现

💀

严重危险命令危险 Shell 命令

rm -rf /

references/attack-patterns.md:166

📧

提示邮箱邮箱地址

[email protected]

references/attack-patterns.md:768

目录结构

10 文件 · 89.3 KB · 2756 行

Markdown 10f · 2756L

├─ ▾ 📁 references

│ ├─ 📝 attack-dimensions.md Markdown 248L · 7.6 KB

│ ├─ 📝 attack-patterns.md Markdown 778L · 20.7 KB

│ ├─ 📝 intensity-calibration.md Markdown 146L · 4.3 KB

│ └─ 📝 tool-integration.md Markdown 137L · 3.6 KB

├─ ▾ 📁 templates

│ ├─ 📝 attack-engine-kit.md Markdown 739L · 24.5 KB

│ └─ 📝 decision-autopsy.md Markdown 89L · 2.1 KB

├─ 📝 PROMO.md Markdown 24L · 635 B

├─ 📝 README.md Markdown 162L · 7.5 KB

├─ 📝 SKILL.md Markdown 392L · 17.2 KB

└─ 📝 USAGE.md Markdown 41L · 1.3 KB

安全亮点

✓ SKILL.md explicitly declares shell:WRITE for harness execution — doc-to-code alignment is clear

✓ Attack engine has documented security boundaries: target_module must be within attack config directory, no ~ or system paths

✓ Harness uses process isolation (multiprocessing spawn/fork) with per-attack timeouts

✓ No credentials, .env files, SSH keys, or sensitive paths accessed anywhere

✓ No network requests, exfiltration, or C2 communication

✓ No base64, eval, or obfuscation patterns found

✓ No curl|bash, wget|sh, or pip install without pinning

✓ IOC 'rm -rf /' is purely a documented command-injection payload example in references/attack-patterns.md, not executable code

✓ Package is intentionally registry-safe: no ready-to-run scripts bundled, only Markdown documentation and a template