Low Risk — Risk Score 20/100
Last scan: 19 hr ago
nginx-explorer
Explore nginx-proxied directories to discover tools and utilities
The skill is a legitimate nginx directory explorer with mostly correct documentation. The two pre-flagged rm commands are uninstall examples shown in documentation, not malicious code execution.
Skill Name: nginx-explorer
Duration: 29.7s
Engine: pi
Safe to install
The skill is safe to use. The NGINX_SKIP_SSL_VERIFY default of true could be documented more prominently for users on untrusted networks.

Findings (3 items)

1. [Low] SSL verification disabled by default (Sensitive Access)
   NGINX_SKIP_SSL_VERIFY defaults to true, disabling SSL certificate verification. This exposes the nginx connection to man-in-the-middle attacks.
   Evidence: NGINX_SKIP_SSL_VERIFY: description: Skip SSL certificate verification (useful for internal networks with self-signed certificates)
   → Consider defaulting to false and requiring explicit opt-in for self-signed certs. Document the security implications.
   Location: SKILL.md:12

2. [Low] Undeclared file write capability (Doc Mismatch)
   SKILL.md declares network:READ only, but the examples download tools to /tmp, which implies filesystem:WRITE. This is minor since it is user-initiated and documented in the examples.
   Evidence: curl -o /tmp/tool.sh "$NGINX_URL/tool-directory/tool.sh"
   → Add filesystem:WRITE to the declared capabilities if tool downloads are considered part of the skill's core functionality.
   Location: SKILL.md:89

3. [Info] False positive: rm commands in documentation (Sensitive Access)
   The pre-scan flagged rm -rf ~ and rm -rf / at lines 180 and 183. These are uninstall command examples in INSTALLATION.md, not executable code.
   Evidence: rm -rf ~/.openclaw/skills/nginx-explorer
   → No action needed. This is documentation context for skill removal, not malicious behavior.
   Location: INSTALLATION.md:180
Declared vs. inferred capabilities

Resource     Declared  Inferred  Status      Evidence
Network      READ      READ      ✓ Aligned   curl commands throughout SKILL.md
Filesystem   NONE      WRITE     ✓ Aligned   Downloads to /tmp (documented in examples)
Shell        NONE      NONE                  chmod +x mentioned in docs but no actual shell execution in skill
Pre-scan flags: 8 findings (2 Critical)

Severity  Category                                      Value                              Location
Critical  Dangerous Command (dangerous shell command)   rm -rf ~                           INSTALLATION.md:180
Critical  Dangerous Command (dangerous shell command)   rm -rf /                           INSTALLATION.md:183
Medium    External URL                                  http://apt_nginx                   INSTALLATION.md:55
Medium    External URL                                  http://apt_nginx/                  INSTALLATION.md:86
Medium    External URL                                  https://docs.openclaw.ai           INSTALLATION.md:192
Medium    External URL                                  https://discord.com/invite/clawd   INSTALLATION.md:193
Medium    External URL                                  http://192.168.1.100:8080          SKILL.md:12
Medium    External URL                                  http://internal-tools.local        SKILL.md:12

File Tree

3 files · 15.0 KB · 590 lines
Markdown: 3 files · 590 lines
├─ 📝 INSTALLATION.md Markdown 192L · 3.7 KB
├─ 📝 README.md Markdown 125L · 3.6 KB
└─ 📝 SKILL.md Markdown 273L · 7.7 KB

Security Positives

✓ SKILL.md documentation is comprehensive and accurately describes capabilities
✓ No hidden functionality or obfuscated code found
✓ Skill only requires curl, no additional dependencies
✓ Security considerations section exists with advice to validate scripts
✓ No credential harvesting or sensitive path access
✓ No network exfiltration or C2 communication patterns
✓ Tool download is intentional and documented with user control