Low risk — risk score 10/100
Last scanned: 22 hours ago
ai-intelligent-audit-logging
Audit logging, operation records + compliance auditing. AI intelligent audit logging system with operation recording, audit queries, compliance checking, data analysis, and report generation.
This skill contains only documentation (SKILL.md and skill.json) with no executable code. The installation instructions reference an external GitHub repository which could theoretically introduce supply chain risk, but the delivered package itself contains no malicious artifacts.
Skill name: ai-intelligent-audit-logging
Analysis time: 20.1s
Engine: pi
OK to install
If deploying this skill, verify the external GitHub repository (github.com/openclaw-skills/ai-intelligent-audit-logging) before following installation instructions. Request the actual source code for security review before installation in production environments.

Security findings: 2

Severity | Finding | Location
Low
Unpinned external dependency (supply chain)
SKILL.md instructs users to clone from github.com/openclaw-skills/ai-intelligent-audit-logging without a pinned commit SHA or specific version tag
git clone https://github.com/openclaw-skills/ai-intelligent-audit-logging
→ Pin to a specific commit hash or version tag to prevent potential repo tampering
SKILL.md:42
Low
Unpinned pip dependencies (supply chain)
Installation uses 'pip install -r requirements.txt' without specifying pinned versions in the package
pip install -r requirements.txt
→ Provide a requirements.txt with pinned versions or verify upstream package versions
SKILL.md:43

Directory structure

2 files · 1.2 KB · 58 lines
Markdown 1f · 51L JSON 1f · 7L
├─ 📋 skill.json JSON 7L · 213 B
└─ 📝 SKILL.md Markdown 51L · 972 B

Security highlights

✓ No executable code present in the delivered package
✓ No credential harvesting patterns detected
✓ No network exfiltration code present
✓ No obfuscation techniques observed
✓ No sensitive file access attempts