High Risk — Risk Score 72/100
Last scan: 1 day ago
grinders-farm
Farming game skill - but contains hidden unrelated infrastructure code
The skill's documentation is severely misleading: start.sh implements completely unrelated infrastructure code (a Docker scheduler, tiny_sage) that SKILL.md never mentions, and the code performs undeclared shell execution that contradicts SKILL.md's claim of 'no shell/exec'.
Skill Name: grinders-farm
Duration: 66.6s
Engine: pi
Do not install this skill
Do not use this skill. The start.sh file contains unrelated infrastructure code (scheduler, Docker, cloudbuild paths) that has nothing to do with farming. SKILL.md explicitly states 'no shell/exec', but the code uses spawn/spawnSync extensively to run the openclaw CLI and npx tsx commands.

Attack Chain (4 steps)

1. Entry: Skill presents as a farming game in SKILL.md with misleading documentation (SKILL.md:1)
2. Escalation: start.sh contains hidden infrastructure code for a Docker scheduler unrelated to farming (start.sh:1)
3. Escalation: Code executes shell commands via spawn/spawnSync despite SKILL.md claiming no shell/exec (src/index.ts:58)
4. Escalation: Process enumeration via the ps command for process management (src/index.ts:42)

Findings (5 items)

Severity: Critical
Finding: start.sh contains completely unrelated code
Category: Doc Mismatch
Location: start.sh:1
start.sh implements Docker scheduler infrastructure with tiny_sage, cloudbuild paths, and unrelated integrations; it has nothing to do with farming.
Evidence:
    #!/usr/bin/env bash
    # start.sh — start the schedule api worker (ocl with the help of tiny_sage)

    CONFIGS_DIR="domains/cloudbuild/scheduler-only.yaml"
→ Delete start.sh or document its actual purpose in SKILL.md

Severity: High
Finding: SKILL.md claims no shell execution but the code violates this
Category: Doc Mismatch
Location: SKILL.md:6
SKILL.md explicitly states 'Do not use shell/exec/cargo or other execution paths' (original: '不用 shell/exec/cargo 等其它执行路径'), but src/index.ts, openclaw-push.ts, and openclaw-plugin/index.ts use spawnSync/spawn.
Evidence:
    2. Do not use shell/exec/cargo or other execution paths. (original: 2. 不用 shell/exec/cargo 等其它执行路径。)
→ Update SKILL.md to declare actual shell execution requirements or remove subprocess usage

Severity: Medium
Finding: Undeclared subprocess execution via npx tsx
Category: RCE
Location: src/index.ts:58
Code spawns 'npx tsx' processes to run TypeScript workers without documentation.
Evidence:
    spawn(worker.cmd, worker.args, {...})
→ Document all external command invocations in SKILL.md

Severity: Medium
Finding: Process enumeration via ps command
Category: RCE
Location: src/index.ts:42
listRunningAutoWorkerPids() runs 'ps -Ao pid,command' to enumerate processes.
Evidence:
    spawnSync('ps', ['-Ao', 'pid,command'], {...})
→ Document process enumeration behavior

Severity: Low
Finding: Access to home directory for config files
Category: Sensitive Access
Location: src/storage/local-storage.ts:20
Skill reads from and writes to the ~/.grinders-farm/ directory.
Evidence:
    const DEFAULT_DIR = path.join(os.homedir(), '.grinders-farm')
→ Document home directory access in SKILL.md

Resource   | Declared | Inferred | Status      | Evidence
Filesystem | READ     | WRITE    | ✗ Violation | SKILL.md declares no exec, but src/index.ts:58 spawns processes
Shell      | NONE     | WRITE    | ✗ Violation | SKILL.md explicitly says 'Do not use shell/exec' (original: '不用 shell/exec') but multiple files use spawn/spawnSync
Network    | NONE     | READ     | ✓ Aligned   | openclaw-push.ts sends messages via the openclaw CLI

File Tree

34 files · 156.7 KB · 4997 lines
TypeScript 22 files · 3570 lines; JSON 6 files · 982 lines; Markdown 4 files · 373 lines; Shell 1 file · 38 lines; JavaScript 1 file · 34 lines
├─ 📁 openclaw-plugin
│ ├─ 📜 delivery.ts TypeScript 177L · 6.3 KB
│ ├─ 📜 index.ts TypeScript 446L · 16.4 KB
│ ├─ 📋 openclaw.plugin.json JSON 23L · 899 B
│ ├─ 📋 package.json JSON 31L · 655 B
│ ├─ 📝 README.md Markdown 92L · 1.7 KB
│ ├─ 📜 start-image-server.ts TypeScript 86L · 2.6 KB
│ ├─ 📜 start-local-auto.ts TypeScript 137L · 4.0 KB
│ └─ 📋 tsconfig.json JSON 17L · 424 B
├─ 📁 scripts
│ ├─ 📜 generate-tiles.ts TypeScript 163L · 4.3 KB
│ └─ 📜 sync-skill.mjs JavaScript 34L · 1.0 KB
├─ 📁 src
│ ├─ 📁 adapters
│ │ ├─ 📜 auto-worker.ts TypeScript 87L · 2.7 KB
│ │ ├─ 📜 daemon.ts TypeScript 10L · 267 B
│ │ ├─ 📜 image-server.ts TypeScript 107L · 2.7 KB
│ │ ├─ 📜 oneshot.ts TypeScript 41L · 1.4 KB
│ │ └─ 📜 terminal.ts TypeScript 79L · 2.0 KB
│ ├─ 📁 game
│ │ ├─ 📜 crops.ts TypeScript 84L · 2.2 KB
│ │ ├─ 📜 engine.ts TypeScript 266L · 7.7 KB
│ │ ├─ 📜 farm.ts TypeScript 418L · 14.7 KB
│ │ └─ 📜 types.ts TypeScript 85L · 1.9 KB
│ ├─ 📁 notify
│ │ ├─ 📜 openclaw-delivery.ts TypeScript 126L · 4.7 KB
│ │ └─ 📜 openclaw-push.ts TypeScript 501L · 18.5 KB
│ ├─ 📁 render
│ │ ├─ 📜 ansi-renderer.ts TypeScript 52L · 1.4 KB
│ │ ├─ 📜 image-renderer.ts TypeScript 231L · 7.6 KB
│ │ └─ 📜 text-renderer.ts TypeScript 81L · 2.7 KB
│ ├─ 📁 storage
│ │ └─ 📜 local-storage.ts TypeScript 114L · 3.0 KB
│ ├─ 📜 index.ts TypeScript 8L · 572 B
│ └─ 📜 local-auto.ts TypeScript 271L · 8.6 KB
├─ 📋 package-lock.json JSON 846L · 25.0 KB
├─ 📋 package.json JSON 46L · 1.1 KB
├─ 📝 README.md Markdown 119L · 2.6 KB
├─ 📝 RELEASE_CHECKLIST.md Markdown 73L · 2.7 KB
├─ 📝 SKILL.md Markdown 89L · 2.7 KB
├─ 🔧 start.sh Shell 38L · 1.3 KB
└─ 📋 tsconfig.json JSON 19L · 473 B

Dependencies (3 items)

Package         | Version | Source            | Known Vulns | Notes
@napi-rs/canvas | ^0.1.97 | npm               | No          | Image rendering library, version not pinned
tsx             | ^4.21.0 | npm devDependency | No          | TypeScript executor, version not pinned
typescript      | ^5.9.3  | npm devDependency | No          | TypeScript compiler, version not pinned

Security Positives

✓ Farming game logic itself appears legitimate with no malicious code
✓ No evidence of credential theft or API key harvesting
✓ No base64-encoded commands or obfuscation observed
✓ No C2 communication or external IP connections
✓ No reverse shell or remote code execution vulnerabilities
✓ The @napi-rs/canvas dependency is a standard image rendering library