Scan Report
15 / 100
skill-composer
Orchestrates multiple OpenClaw skills into automated workflows; a single command completes a complex task.
Skill Composer is a legitimate workflow orchestrator for OpenClaw skills with no malicious indicators; it uses subprocess for documented skill invocation and a restricted eval() for condition evaluation.
OK to install
No immediate action required. Consider pinning the PyYAML version in install.sh for supply chain hygiene.
Security findings: 2
| Severity | Finding | Location |
|---|---|---|
| Low | Unpinned PyYAML dependency (supply chain) | install.sh:21 |
| Low | Broad skill orchestration scope not prominently documented (documentation deception) | skill.json:28 |

| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Command execution | WRITE | WRITE | ✓ Consistent | source/composer.py:95 - subprocess.run(['claw', 'skill', 'exec', skill] + args) |
| File system | NONE | READ | ✓ Consistent | source/composer.py:51 - reads workflow YAML files |
| Network access | NONE | NONE | — | No network requests observed |
External URLs: 1 finding

| Severity | Type | URL | Location |
|---|---|---|---|
| Medium | External URL | https://utopiabenben.github.io/ai-skills/ | SKILL.md:207 |

Directory structure
7 files · 19.1 KB · 703 lines

| Language | Files | Lines |
|---|---|---|
| Python | 1 | 241 |
| Markdown | 1 | 206 |
| YAML | 3 | 140 |
| JSON | 1 | 83 |
| Shell | 1 | 33 |

```
├─ examples/
│  ├─ content-creation-pipeline.yaml   (YAML)
│  ├─ video-processing-pipeline.yaml   (YAML)
│  └─ weekly-stock-report.yaml         (YAML)
├─ source/
│  └─ composer.py                      (Python)
├─ install.sh                          (Shell)
├─ skill.json                          (JSON)
└─ SKILL.md                            (Markdown)
```
Dependency analysis: 1

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| PyYAML | >=5.4 | pip | No | Version not pinned in install.sh, but skill.json specifies >=5.4 |
Security highlights
✓ Uses yaml.safe_load() - safe YAML parsing
✓ eval() has restricted builtins: {"__builtins__": {}}
✓ No credential harvesting or environment variable enumeration
✓ No base64 encoding/decoding or obfuscation
✓ No external IP connections or data exfiltration
✓ subprocess only invokes local 'claw' command for skill execution
✓ No sensitive file path access (~/.ssh, ~/.aws, .env)
✓ No reverse shell, C2, or remote code execution indicators