Suspicious: risk score 45/100
Last scanned: 18 hours ago
sshot
Take full screen screenshot using PowerShell
The skill delegates execution to an opaque external PowerShell script that is not included in the package, creating an unauditable blind spot where undeclared behavior could occur without being detected.
Skill name: sshot
Analysis time: 55.6s
Engine: pi
Verdict: use with caution
Do not deploy until the referenced PowerShell script at C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1 is provided and audited. Verify the script only captures screenshots and does not access sensitive paths, exfiltrate data, or execute undeclared commands.

Attack chain (3 steps)

1. Entry: Skill presents as a simple screenshot utility through SKILL.md
   Location: SKILL.md:1
2. Escalation: Skill delegates execution to an opaque external script at C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1 with ExecutionPolicy Bypass, bypassing PowerShell security controls
   Location: SKILL.md:11
3. Impact: External script is unauditable — could harvest credentials, exfiltrate data, or execute arbitrary commands without any record in the skill package
   Location: External: sshot.ps1

Security findings (3)

[High] Critical script artifact not included in package (category: documentation deception)
The SKILL.md declares the behavior as 'take full screen screenshot' but delegates all implementation to an external PowerShell script (C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1) that is not included in this package. There is no source code, script, or dependency file with which to audit the actual behavior of the skill. The skill's true behavior is entirely opaque.
Evidence: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File "C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1"
→ Require the sshot.ps1 script to be included in the package. Audit it for screenshot-only behavior, no network access, and no credential/sensitive file access.
Location: SKILL.md:11

[Medium] Hardcoded user-specific path in skill definition (category: sensitive access)
The script path references a specific Windows user profile (C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1). This indicates the skill was authored for a single machine rather than being portable. An attacker who controls this path or compromises the referenced location could replace the script with malicious code.
Evidence: C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1
→ Use a relative or configurable path for the script. Include the script in the package itself rather than referencing an external location.
Location: SKILL.md:11

[Medium] ExecutionPolicy Bypass weakens PowerShell security controls (category: documentation deception)
The -ExecutionPolicy Bypass flag disables PowerShell script-signing and execution-policy requirements. While this is sometimes legitimate for automation scripts, it is neither mentioned nor justified in the documentation. Combined with the unauditable external script, this increases risk.
Evidence: -ExecutionPolicy Bypass -File "C:\Users\AlenZhu\.openclaw\scripts\sshot.ps1"
→ If -ExecutionPolicy Bypass is necessary, document why. Prefer -ExecutionPolicy RemoteSigned or include the script inline to avoid bypassing security controls.
Location: SKILL.md:10
Permissions

Resource type     | Declared | Inferred | Status       | Evidence
Command execution | WRITE    | WRITE    | ✓ Consistent | SKILL.md:11 - system.run on node
File system       | NONE     | UNKNOWN  | ✓ Consistent | External script sshot.ps1 not provided; behavior cannot be audited
Network access    | NONE     | UNKNOWN  | ✓ Consistent | External script sshot.ps1 not provided; network behavior cannot be audited

Directory structure

3 files · 1.0 KB · 34 lines
Markdown: 2 files · 30 lines; JSON: 1 file · 4 lines
├─ 📁 clawhub
│ └─ 📝 SKILL.md Markdown 15L · 487 B
├─ 📋 meta.json JSON 4L · 69 B
└─ 📝 SKILL.md Markdown 15L · 487 B

Security highlights

✓ No base64-encoded payloads or obfuscated code found
✓ No direct credential harvesting loops over environment variables
✓ No curl|bash or wget|sh remote script fetching in visible files
✓ No evidence of reverse shell, C2, or data exfiltration in provided files
✓ The described behavior (taking a screenshot) is a legitimate, well-defined feature