agent-guardian 安全扫描报告 — 低风险 | ClawSafe

20 /100

agent-guardian

AI助手体验守护系统：看门狗监控、智能状态汇报、即时查询、语言一致性过滤、消息队列追踪

A legitimate AI assistant monitoring/guardian skill with appropriate file and shell permissions for status tracking and language filtering. No malicious behavior detected.

技能名称agent-guardian

分析耗时40.2s

引擎pi

✓

可以安装

Approve for use. Consider pinning langdetect version in install.sh for better supply chain hygiene.

安全发现 2 项

严重性	安全发现	位置
低危	Unpinned dependency version 供应链 langdetect package installed without version constraint, potential supply chain risk `pip3 install langdetect -q` → Use 'pip3 install langdetect==1.0.9' or similar pinned version	`scripts/install.sh:53`
低危	Systemd service runs as root 权限提升 Status query daemon configured to run as User=root in systemd service file `User=root` → Document why root is required; consider using a dedicated service account if possible	`scripts/install.sh:73`

资源类型	声明权限	推断权限	状态	证据
文件系统	`WRITE`	`WRITE`	✓ 一致	install.sh:52 writes to /tmp, patch scripts modify plugin dirs
命令执行	`WRITE`	`WRITE`	✓ 一致	supervisor.sh, install.sh use subprocess calls
环境变量	`NONE`	`READ`	✓ 一致	Scripts read PATH, HOME but no sensitive keys
网络访问	`NONE`	`NONE`	—	Uses openclaw CLI only, no raw network calls
技能调用	`NONE`	`NONE`	—	N/A
剪贴板	`NONE`	`NONE`	—	N/A
浏览器	`NONE`	`NONE`	—	N/A
数据库	`NONE`	`NONE`	—	Uses JSON files in /tmp only

目录结构

14 文件 · 39.9 KB · 1214 行

Shell 7f · 567L Markdown 3f · 353L Python 3f · 285L JSON 1f · 9L

├─ ▾ 📁 references

│ └─ ▾ 📁 patches

│ ├─ 📝 generic.md Markdown 86L · 2.9 KB

│ └─ 📝 qqbot.md Markdown 132L · 3.8 KB

├─ ▾ 📁 scripts

│ ├─ 🔧 apply-qqbot-patch.sh Shell 93L · 4.2 KB

│ ├─ 🐍 detect-language.py Python 60L · 1.7 KB

│ ├─ 🔧 install.sh Shell 132L · 4.4 KB

│ ├─ 🐍 lang-filter.py Python 89L · 3.2 KB

│ ├─ 🐍 msg-queue.py Python 136L · 4.9 KB

│ ├─ 🔧 reset-work-state.sh Shell 22L · 516 B

│ ├─ 🔧 smart-status-report.sh Shell 56L · 1.9 KB

│ ├─ 🔧 status-query-daemon.sh Shell 70L · 2.2 KB

│ ├─ 🔧 supervisor.sh Shell 142L · 3.8 KB

│ └─ 🔧 update-work-state.sh Shell 52L · 1.3 KB

├─ 📋 _meta.json JSON 9L · 393 B

└─ 📝 SKILL.md Markdown 135L · 4.8 KB

依赖分析 2 项

包名	版本	来源	已知漏洞	备注
`langdetect`	`*`	pip	否	Version not pinned - update to: langdetect==1.0.9
`inotify-tools`	`system`	apt	否	System package for file monitoring

安全亮点

✓ All file operations are confined to /tmp and documented skill directory

✓ No credential harvesting or sensitive path access detected

✓ No external network connections or data exfiltration

✓ Configuration stored locally, not transmitted externally

✓ Source file modifications are documented in apply-qqbot-patch.sh

✓ Backup of original files created before patching

✓ Lock file mechanism prevents duplicate daemon instances

✓ No base64 obfuscation or suspicious shell patterns