Scan Report
5/100
clawguard-security-checker
Enterprise-grade security configuration analyzer and runtime integrity verifier for OpenClaw environments
ClawGuard Security Checker is a legitimate OpenClaw configuration analyzer that reads config files, checks permissions, and generates hardening recommendations with no malicious behavior detected.
Safe to install
This skill is safe to use. No security concerns identified.
Security findings: 1
| Severity | Finding | Location |
|---|---|---|
| Low | Minor documentation gap on file output (documentation deception) | SKILL.md:1 |
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Consistent | SKILL.md:47 - Find and read ~/.openclaw/openclaw.json |
| Filesystem | NONE | WRITE | ✓ Consistent | cli.js:61,74 - fs.writeFileSync for report and hardened config output |
| Network access | NONE | NONE | — | No network calls in cli.js or src/checker.js |
| Command execution | NONE | NONE | — | No child_process usage in codebase |
| Environment variables | NONE | NONE | — | No os.environ iteration or credential harvesting |
Directory structure
6 files · 43.9 KB · 1280 lines
JavaScript 2f · 654L
Markdown 2f · 604L
JSON 2f · 22L
├─ src
│  └─ checker.js (JavaScript)
├─ _meta.json (JSON)
├─ cli.js (JavaScript)
├─ package.json (JSON)
├─ README.md (Markdown)
└─ SKILL.md (Markdown)
Dependency analysis: 1 item
| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| none | N/A | N/A | No | No npm dependencies - uses only built-in Node.js modules (fs, path, crypto) |
Security highlights
✓ No shell execution (child_process) - pure Node.js fs/path/crypto APIs
✓ No network requests - fully offline configuration analysis
✓ No credential harvesting - only pattern-matches exposed secrets in config files, does not exfiltrate
✓ No sensitive path access - only reads ~/.openclaw/, never accesses ~/.ssh, ~/.aws, or .env
✓ No obfuscation - clean, readable code with no base64 or eval patterns
✓ No supply chain risk - zero dependencies in package.json
✓ Legitimate security tool purpose - validates and hardens OpenClaw configurations
✓ No persistence mechanisms - no cron, startup hooks, or backdoor installation