Trusted — Risk Score 5/100
Last scan: 1 day ago
grocery-checklist
Persistent pantry-backed grocery checklist for OpenClaw with Telegram shopping-list UI
A legitimate grocery checklist skill with clear purpose, no obfuscation, no credential theft, and behavior fully consistent with its documentation.
Skill Name: grocery-checklist
Duration: 52.2s
Engine: pi
Safe to install
Skill is safe to use. Consider adding explicit network:WRITE declaration in SKILL.md for completeness, but this is a minor documentation gap with no security impact.

Findings: 1 item

Severity: Low
Finding: Network access not declared in SKILL.md metadata (Doc Mismatch)
Location: SKILL.md:17
Details: SKILL.md metadata section declares reads and writes for filesystem paths but omits network access. Telegram API POSTs (network:WRITE) are made in both grocery.py and telegram_bot.py. README.md and SETUP.md document the Telegram integration, making intent transparent, but SKILL.md alone is incomplete.
Evidence: metadata.openclaw.reads/writes declared but network permissions absent
→ Add a network:WRITE declaration to SKILL.md metadata if strict compliance is required, or clarify that network access flows through OpenClaw's managed route.
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | WRITE | ✓ Aligned | grocery.py:save_state() writes JSON; SKILL.md metadata.writes[] covers both stat…
Network | NONE | WRITE | ✓ Aligned | grocery.py:394 and telegram_bot.py:34 make POST requests to https://api.telegram…
Shell | NONE | WRITE | ✓ Aligned | grocery.py:267 subprocess.run(['openclaw',...]) and telegram_bot.py:61 subproces…
1 finding
Medium | External URL
https://api.telegram.org/bot
scripts/grocery.py:394

File Tree

7 files · 43.8 KB · 1339 lines
Python: 2 files · 1086 lines; Markdown: 4 files · 248 lines; Shell: 1 file · 5 lines
├─ 📁 scripts
│ ├─ 🐍 grocery.py Python 731L · 25.0 KB
│ ├─ 🔧 grocery.sh Shell 5L · 141 B
│ └─ 🐍 telegram_bot.py Python 355L · 11.4 KB
├─ 📝 AGENTS.md Markdown 8L · 349 B
├─ 📝 README.md Markdown 71L · 2.2 KB
├─ 📝 SETUP.md Markdown 102L · 2.9 KB
└─ 📝 SKILL.md Markdown 67L · 1.9 KB

Security Positives

✓ No base64-encoded payloads, obfuscation, or anti-analysis techniques present
✓ No credential harvesting — Telegram bot token is read from openclaw.json and used only for legitimate Telegram API calls
✓ No sensitive path access beyond declared openclaw config and state files
✓ No environment variable iteration for secrets
✓ No curl|bash or wget|sh remote script downloads
✓ No hidden instructions in comments or HTML
✓ subprocess.run uses command lists (no shell=True) — no shell injection vector
✓ Input validation on all Telegram callback data via regex (callback_data: gchk:...)
✓ Allowlist-based Telegram user access control in telegram_bot.py poll_forever()
✓ Dry-run mode available for safe testing
✓ Clean state repair/rollback logic in salvage_json_object() and prune_corrupted_items()