Low Risk — Risk Score 22/100
Last scan: 17 hr ago
zhua-contributor
爪爪 community contribution system - publish skills to skillhub, write documentation, share experience
This is a placeholder/template skill with benign shell scripts that list files and display information. It contains a documentation mismatch (SKILL.md references non-existent scripts) and accesses a sensitive workspace path.
Skill Name: zhua-contributor
Duration: 40.4s
Engine: pi
Safe to install
Review the accuracy of the SKILL.md documentation. The referenced scripts (prep_skill.py, validate_skill.py, gen_docs.py, publish_skill.py) do not exist; only example.py and publish_all.sh are present. Verify that this is intentional template content.

Findings (2 items)

Severity: Medium
Finding: SKILL.md references non-existent scripts (Doc Mismatch)
Location: SKILL.md:47
The documentation lists 4 scripts (prep_skill.py, validate_skill.py, gen_docs.py, publish_skill.py) with command-line usage examples, but only example.py and publish_all.sh exist in the scripts/ directory. This is a documentation mismatch that could mislead users about the skill's actual functionality.
Evidence: python3 scripts/prep_skill.py --skill <技能路径>
→ Either implement the referenced scripts or remove them from the SKILL.md documentation to avoid a doc-to-code mismatch.

Severity: Low
Finding: Access to OpenClaw workspace path (Sensitive Access)
Location: scripts/publish_all.sh:17
The publish_all.sh script accesses /root/.openclaw/workspace/ to check for skill packages. While this is related to the skill's purpose (publishing to skillhub), it accesses a sensitive system path.
Evidence: skill_file="/root/.openclaw/workspace/${skill}.skill"
→ This access is legitimate for the stated purpose, but ensure the skill declares filesystem:READ access in its capability requirements.
Resource     Declared  Inferred  Status     Evidence
Filesystem   READ      READ      ✓ Aligned  publish_all.sh accesses /root/.openclaw/workspace/ only for file listing and siz…
Network      NONE      NONE                 No network requests found in any scripts
Shell        NONE      NONE                 Only uses bash for local file operations and echo statements
Environment  NONE      NONE                 No environment variable access detected

File Tree

5 files · 5.7 KB · 211 lines
Markdown: 2 files, 103 lines · Shell: 1 file, 65 lines · Text: 1 file, 24 lines · Python: 1 file, 19 lines
├─ 📁 assets
│ └─ 📄 example_asset.txt Text 24L · 865 B
├─ 📁 references
│ └─ 📝 api_reference.md Markdown 34L · 967 B
├─ 📁 scripts
│ ├─ 🐍 example.py Python 19L · 591 B
│ └─ 🔧 publish_all.sh Shell 65L · 1.5 KB
└─ 📝 SKILL.md Markdown 69L · 1.8 KB

Dependencies (1 item)

Package  Version      Source  Known Vulns  Notes
python3  unspecified  system  No           Only used for the placeholder example.py script

Security Positives

✓ No credential harvesting or exfiltration detected
✓ No network requests to external IPs
✓ No base64-encoded commands or obfuscation
✓ No reverse shell or C2 communication
✓ The publish_all.sh script only performs read-only operations (file existence checks and size reporting)
✓ No supply chain risks - only standard libraries used in example.py
✓ Scripts are simple and easily auditable