grinders-farm 安全扫描报告 — 高风险 | ClawSafe

72 /100

grinders-farm

Farming game skill - but contains hidden unrelated infrastructure code

The skill contains severe doc deception with start.sh implementing completely unrelated infrastructure code (Docker scheduler, tiny_sage) hidden from SKILL.md, plus undeclared shell execution that contradicts documentation claims of 'no shell/exec'.

技能名称grinders-farm

分析耗时66.6s

引擎pi

⛔

不要安装此技能

Do not use this skill. The start.sh file contains unrelated infrastructure code (scheduler, Docker, cloudbuild paths) that has nothing to do with farming. SKILL.md explicitly states 'no shell/exec' but code uses spawn/spawnSync extensively for openclaw CLI and npx tsx commands.

攻击链 4 步

◎

入口 Skill presents as farming game in SKILL.md with misleading documentation

SKILL.md:1

⬡

提权 start.sh contains hidden infrastructure code for Docker scheduler unrelated to farming

start.sh:1

⬡

提权 Code executes shell commands via spawn/spawnSync despite SKILL.md claiming no shell/exec

src/index.ts:58

⬡

提权 Process enumeration via ps command for process management

src/index.ts:42

安全发现 5 项

严重性	安全发现	位置
严重	start.sh contains completely unrelated code 文档欺骗 start.sh implements Docker scheduler infrastructure with tiny_sage, cloudbuild paths, and unrelated integrations - nothing to do with farming `#!/usr/bin/env bash # start.sh — 启动 schedule api worker (ocl借助 tiny_sage) CONFIGS_DIR="domains/cloudbuild/scheduler-only.yaml"` → Delete start.sh or document its actual purpose in SKILL.md	`start.sh:1`
高危	SKILL.md claims no shell execution but code violates this 文档欺骗 SKILL.md explicitly states '不用 shell/exec/cargo 等其它执行路径' but src/index.ts, openclaw-push.ts, and openclaw-plugin/index.ts use spawnSync/spawn `2. 不用 shell/exec/cargo 等其它执行路径。` → Update SKILL.md to declare actual shell execution requirements or remove subprocess usage	`SKILL.md:6`
中危	Undeclared subprocess execution via npx tsx 代码执行 Code spawns 'npx tsx' processes to run TypeScript workers without documentation `spawn(worker.cmd, worker.args, {...})` → Document all external command invocations in SKILL.md	`src/index.ts:58`
中危	Process enumeration via ps command 代码执行 listRunningAutoWorkerPids() runs 'ps -Ao pid,command' to enumerate processes `spawnSync('ps', ['-Ao', 'pid,command'], {...})` → Document process enumeration behavior	`src/index.ts:42`
低危	Access to home directory for config files 敏感访问 Skill reads/writes to ~/.grinders-farm/ directory `const DEFAULT_DIR = path.join(os.homedir(), '.grinders-farm')` → Document home directory access in SKILL.md	`src/storage/local-storage.ts:20`

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`WRITE`	✗ 越权	SKILL.md declares no exec, but src/index.ts:58 spawns processes
命令执行	`NONE`	`WRITE`	✗ 越权	SKILL.md explicitly says '不用 shell/exec' but multiple files use spawn/spawnSync
网络访问	`NONE`	`READ`	✓ 一致	openclaw-push.ts sends messages via openclaw CLI

目录结构

34 文件 · 156.7 KB · 4997 行

TypeScript 22f · 3570L JSON 6f · 982L Markdown 4f · 373L Shell 1f · 38L JavaScript 1f · 34L

├─ ▾ 📁 openclaw-plugin

│ ├─ 📜 delivery.ts TypeScript 177L · 6.3 KB

│ ├─ 📜 index.ts TypeScript 446L · 16.4 KB

│ ├─ 📋 openclaw.plugin.json JSON 23L · 899 B

│ ├─ 📋 package.json JSON 31L · 655 B

│ ├─ 📝 README.md Markdown 92L · 1.7 KB

│ ├─ 📜 start-image-server.ts TypeScript 86L · 2.6 KB

│ ├─ 📜 start-local-auto.ts TypeScript 137L · 4.0 KB

│ └─ 📋 tsconfig.json JSON 17L · 424 B

├─ ▾ 📁 scripts

│ ├─ 📜 generate-tiles.ts TypeScript 163L · 4.3 KB

│ └─ 📜 sync-skill.mjs JavaScript 34L · 1.0 KB

├─ ▾ 📁 src

│ ├─ ▾ 📁 adapters

│ │ ├─ 📜 auto-worker.ts TypeScript 87L · 2.7 KB

│ │ ├─ 📜 daemon.ts TypeScript 10L · 267 B

│ │ ├─ 📜 image-server.ts TypeScript 107L · 2.7 KB

│ │ ├─ 📜 oneshot.ts TypeScript 41L · 1.4 KB

│ │ └─ 📜 terminal.ts TypeScript 79L · 2.0 KB

│ ├─ ▾ 📁 game

│ │ ├─ 📜 crops.ts TypeScript 84L · 2.2 KB

│ │ ├─ 📜 engine.ts TypeScript 266L · 7.7 KB

│ │ ├─ 📜 farm.ts TypeScript 418L · 14.7 KB

│ │ └─ 📜 types.ts TypeScript 85L · 1.9 KB

│ ├─ ▾ 📁 notify

│ │ ├─ 📜 openclaw-delivery.ts TypeScript 126L · 4.7 KB

│ │ └─ 📜 openclaw-push.ts TypeScript 501L · 18.5 KB

│ ├─ ▾ 📁 render

│ │ ├─ 📜 ansi-renderer.ts TypeScript 52L · 1.4 KB

│ │ ├─ 📜 image-renderer.ts TypeScript 231L · 7.6 KB

│ │ └─ 📜 text-renderer.ts TypeScript 81L · 2.7 KB

│ ├─ ▾ 📁 storage

│ │ └─ 📜 local-storage.ts TypeScript 114L · 3.0 KB

│ ├─ 📜 index.ts TypeScript 8L · 572 B

│ └─ 📜 local-auto.ts TypeScript 271L · 8.6 KB

├─ 📋 package-lock.json JSON 846L · 25.0 KB

├─ 📋 package.json JSON 46L · 1.1 KB

├─ 📝 README.md Markdown 119L · 2.6 KB

├─ 📝 RELEASE_CHECKLIST.md Markdown 73L · 2.7 KB

├─ 📝 SKILL.md Markdown 89L · 2.7 KB

├─ 🔧 start.sh Shell 38L · 1.3 KB

└─ 📋 tsconfig.json JSON 19L · 473 B

依赖分析 3 项

包名	版本	来源	已知漏洞	备注
`@napi-rs/canvas`	`^0.1.97`	npm	否	Image rendering library, version not pinned
`tsx`	`^4.21.0`	npm devDependency	否	TypeScript executor, version not pinned
`typescript`	`^5.9.3`	npm devDependency	否	TypeScript compiler, version not pinned

安全亮点

✓ Farming game logic itself appears legitimate with no malicious code

✓ No evidence of credential theft or API key harvesting

✓ No base64-encoded commands or obfuscation observed

✓ No C2 communication or external IP connections

✓ No reverse shell or remote code execution vulnerabilities

✓ Dependencies (@napi-rs/canvas) are standard image rendering library