Trusted: risk score 5/100
Last scan: 1 day ago
openclaw-security-guard
Lightweight security guard for auditing prompts, commands, URLs, paths, and skill folders before publishing or automation
OpenClaw Security Guard is a legitimate, well-documented security auditing tool that uses regex-based pattern matching to detect dangerous shell commands, secrets, prompt injection, SSRF, and path traversal risks. No malicious behavior detected.
Skill name: openclaw-security-guard
Analysis time: 37.0s
Engine: pi
Verdict: safe to install
This skill is safe to use. The IOCs flagged (curl|bash, wget|sh patterns in checklist.md) are intentional detection rules, not actual dangerous execution. Continue using for security audits.

Security findings (2)

Severity · Finding · Category · Location

Info · IOC References in Checklist · Documentation deception
The checklist.md references dangerous shell patterns (curl|bash, wget|sh) on lines 14-15. These are intentionally documented as patterns to DETECT and block, not as actual execution. This is expected behavior for a security auditing tool.
- `curl ... | bash`
- `wget ... | sh`
→ No action needed - this is intentional documentation of dangerous patterns to detect.
Location: references/checklist.md:14

Info · Hardcoded Obsidian Vault Path · Sensitive access
write-obsidian-audit.mjs has a hardcoded path /Users/m1/Desktop/obsidianvault/ClawLite for writing audit reports. This is user-specific configuration, not data exfiltration.
`const vaultDir = '/Users/m1/Desktop/obsidianvault/ClawLite';`
→ Consider making the vault path configurable via an environment variable or argument for portability.
Location: scripts/write-obsidian-audit.mjs:10
| Resource type | Declared permission | Inferred permission | Status | Evidence |
| --- | --- | --- | --- | --- |
| File system | READ | READ | ✓ Consistent | audit-skill-dir.mjs:25 reads target skill files for scanning |
| Command execution | READ | READ | ✓ Consistent | prepublish-guard.mjs:22 spawnSync runs audit script |
| Network access | NONE | NONE | | No network requests made |
| Environment variables | NONE | NONE | | Does not read or exfiltrate env vars |
Critical: 2 findings

💀 Critical · Dangerous command · Dangerous shell command
`curl ... | bash`
Location: references/checklist.md:14

💀 Critical · Dangerous command · Dangerous shell command
`wget ... | sh`
Location: references/checklist.md:15

Directory structure

8 files · 12.0 KB · 302 lines
JavaScript 4 files · 153 lines · Markdown 2 files · 121 lines · Shell 1 file · 16 lines · JSON 1 file · 12 lines
├─ 📁 references
│ └─ 📝 checklist.md Markdown 30L · 1.0 KB
├─ 📁 scripts
│ ├─ 📜 audit-skill-dir.mjs JavaScript 53L · 2.3 KB
│ ├─ 🔧 install-hooks.sh Shell 16L · 493 B
│ ├─ 📜 prepublish-guard.mjs JavaScript 24L · 1.1 KB
│ ├─ 📜 security-check.mjs JavaScript 47L · 2.4 KB
│ └─ 📜 write-obsidian-audit.mjs JavaScript 29L · 1.0 KB
├─ 📋 package.json JSON 12L · 717 B
└─ 📝 SKILL.md Markdown 91L · 3.0 KB

Dependency analysis (1)

| Package | Version | Source | Known vulnerabilities | Notes |
| --- | --- | --- | --- | --- |
| Node.js standard library only | N/A | Built-in | | No external npm dependencies required |

Security highlights

✓ Comprehensive security detection rules for prompt injection, command injection, SSRF, and path traversal
✓ Well-documented SKILL.md with clear capability declarations
✓ Uses only standard Node.js libraries (fs, path, child_process) - no external dependencies with known vulnerabilities
✓ Proper ALLOW/WARN/BLOCK verdict system with actionable guidance
✓ Scans for hardcoded secrets, dangerous shell patterns, and sensitive file access
✓ No actual malicious behavior observed - all pattern matching is for detection purposes
✓ Clean, focused security tool with no obfuscation or suspicious code