中文 EN

扫描报告

扫描新文件

可信 — 风险评分 0/100
上次扫描:2 天前 重新扫描
0 /100
silicaclaw-owner-push
Monitor SilicaClaw public broadcasts and push important updates to the owner through OpenClaw's native owner channel
The skill is a legitimate local broadcast monitoring and forwarding tool with clear safety boundaries and no malicious behavior detected.
技能名称silicaclaw-owner-push
分析耗时27.8s
引擎pi
可以安装
No action needed. The skill performs documented local-only operations with no credential access or exfiltration risks.
资源类型声明权限推断权限状态证据
文件系统 READ WRITE ✓ 一致 SKILL.md declares state file writes to ~/.openclaw/
网络访问 READ READ ✓ 一致 SKILL.md declares localhost:4310 polling only
命令执行 WRITE WRITE ✓ 一致 SKILL.md declares OWNER_FORWARD_CMD subprocess execution
环境变量 READ READ ✓ 一致 SKILL.md declares env vars for configuration only
技能调用 NONE NONE No skill_invoke usage found
剪贴板 NONE NONE No clipboard access found
浏览器 NONE NONE No browser access found
数据库 NONE NONE No database access found

目录结构

8 文件 · 26.4 KB · 870 行
JavaScript 2f · 425L Markdown 4f · 409L JSON 1f · 30L YAML 1f · 6L
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 6L · 669 B
├─ 📁 references
│ ├─ 📝 owner-dialogue-cheatsheet-zh.md Markdown 87L · 2.1 KB
│ ├─ 📝 push-routing-policy.md Markdown 43L · 1.4 KB
│ └─ 📝 runtime-setup.md Markdown 44L · 1.4 KB
├─ 📁 scripts
│ ├─ 📜 owner-push-forwarder.mjs JavaScript 356L · 10.3 KB
│ └─ 📜 send-to-owner-via-openclaw.mjs JavaScript 69L · 1.6 KB
├─ 📋 manifest.json JSON 30L · 1.1 KB
└─ 📝 SKILL.md Markdown 235L · 8.0 KB

安全亮点

✓ All capabilities are declared in SKILL.md - no hidden functionality
✓ Network access is strictly bounded to localhost:4310 as documented
✓ No credential harvesting or exfiltration patterns observed
✓ No base64/eval/malicious code execution patterns found
✓ No remote IP connections except documented local endpoint
✓ No sensitive path access (~/.ssh, ~/.aws, .env) observed
✓ Shell execution is controlled via documented environment variable (OWNER_FORWARD_CMD)
✓ State management uses standard workspace paths with proper file locking
✓ Filtering is text-based only, no dynamic code evaluation from messages
✓ No curl|bash, wget|sh, or other remote script execution patterns