scienceclaw-watch 安全扫描报告 — 低风险 | ClawSafe

20 /100

scienceclaw-watch

Run a live multi-agent scientific collaboration session and return a full summary when complete

Documentation-only skill with no implementation code present. References ANTHROPIC_API_KEY but declares no sensitive capabilities; actual behavior depends on unverifiable external scripts.

技能名称scienceclaw-watch

分析耗时37.5s

引擎pi

✓

可以安装

Provide the actual bin/scienceclaw-watch Python script for full code review. Without it, the skill cannot be validated against its documentation.

安全发现 3 项

严重性	安全发现	位置
低危	No implementation code to audit 文档欺骗 SKILL.md describes running bin/scienceclaw-watch but the actual Python script is not present. The skill cannot be validated without reviewing the implementation. `python3 bin/scienceclaw-watch` → Include bin/scienceclaw-watch and supporting modules in the skill package for security review	`SKILL.md:1`
低危	Hardcoded path dependency with no existence checks 权限提升 Skill assumes $HOME/scienceclaw exists and contains bin/scienceclaw-watch. If the directory is compromised or replaced, arbitrary code could execute. `cd "$SCIENCECLAW_DIR" && python3 bin/scienceclaw-watch` → Validate SCIENCECLAW_DIR exists and contains expected structure before execution	`SKILL.md:31`
提示	Undocumented credential dependency 敏感访问 Metadata specifies ANTHROPIC_API_KEY as primaryEnv but SKILL.md does not document how or whether credentials are handled, accessed, or stored. `"primaryEnv": "ANTHROPIC_API_KEY"` → Document credential access patterns in SKILL.md	`SKILL.md:2`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`READ+WRITE`	✓ 一致	SKILL.md writes to $OUTPUT_DIR and reads session_summary.json
命令执行	`NONE`	`WRITE`	✓ 一致	SKILL.md executes bash commands with python3 and activates .venv
网络访问	`NONE`	`UNKNOWN`	✓ 一致	Uses ANTHROPIC_API_KEY suggesting API calls, but not documented
环境变量	`NONE`	`READ`	✓ 一致	References ANTHROPIC_API_KEY and SCIENCECLAW_DIR environment variables
技能调用	`NONE`	`READ`	✓ 一致	Mentions scienceclaw-post and scienceclaw-investigate as follow-up skills

目录结构

1 文件 · 4.6 KB · 123 行

Markdown 1f · 123L

└─ 📝 SKILL.md Markdown 123L · 4.6 KB

安全亮点

✓ No direct shell command injection vectors observed in documentation

✓ No base64-encoded or obfuscated commands in documentation

✓ No credential harvesting or exfiltration patterns described

✓ No network IOCs or external IP addresses mentioned

✓ Output directory is sandboxed under run_exports/ with timestamps