扫描报告
5 /100
clawguard-guardian
ClawGuard Guardian v3 - Runtime guardian with behavior monitoring, interception, session freeze/replay, and emergency response
This is a legitimate security monitoring tool (ClawGuard Guardian v3) with no malicious behavior detected. The flagged IOCs (nc -e, /dev/tcp/, rm -rf) are documented dangerous patterns the tool is designed to detect and block, not actual malicious code.
可以安装
No action required. The skill is safe for use.
安全发现 2 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 提示 | Missing external rule module 供应链 | src/guardian.js:15 |
| 提示 | IOC patterns in documentation are intentional detection rules 文档欺骗 | SKILL.md:95 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | guardian.js:140 - Only reads ~/.clawguard/logs/ for audit logs |
| 命令执行 | NONE | NONE | — | No shell execution found in code |
| 网络访问 | NONE | NONE | — | No network requests made |
| 环境变量 | NONE | NONE | — | No environment variable access |
3 严重 3 项发现
严重 危险命令 危险 Shell 命令
rm -rf / README.md:147 严重 危险命令 危险 Shell 命令
nc -e SKILL.md:95 严重 危险命令 危险 Shell 命令
/dev/tcp/ SKILL.md:180 目录结构
6 文件 · 37.6 KB · 1325 行 JavaScript 2f · 660L
Markdown 2f · 642L
JSON 2f · 23L
├─
▾
src
│ └─
guardian.js
JavaScript
├─
_meta.json
JSON
├─
cli.js
JavaScript
├─
package.json
JSON
├─
README.md
Markdown
└─
SKILL.md
Markdown
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
Node.js built-ins (fs, path, events, os) | N/A | built-in | 否 | Uses only Node.js standard library |
安全亮点
✓ No shell command execution in the codebase
✓ No credential harvesting or environment variable access
✓ No network requests or data exfiltration
✓ No obfuscation techniques (base64, eval) detected
✓ No persistent installation mechanisms (cron, startup scripts)
✓ No suspicious file paths accessed (~/.ssh, ~/.aws, .env)
✓ Clean dependencies with no known vulnerabilities
✓ Well-documented security monitoring rules