中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:2 天前 重新扫描
5 /100
openclaw-role-configurator
OpenClaw 角色配置助手 - 帮你轻松完成 OpenClaw 的角色配置,是每个新用户的第一个 skill
This is a benign OpenClaw role configurator skill providing guided role setup with 21 preset templates and SOUL.md file generation. No malicious behavior detected.
技能名称openclaw-role-configurator
分析耗时30.3s
引擎pi
可以安装
This skill is safe to use. No security concerns identified.

安全发现 2 项

严重性 安全发现 位置
低危
Non-existent script referenced in documentation
SKILL.md references 'scripts/guided_config.py' which does not exist in the package. Only template_manager.py, config_writer.py, and skill_recommender.py are present.
scripts/guided_config.py - 引导式配置
→ Remove or update documentation to match actual file structure
 SKILL.md:175
低危
Default workspace path uses root directory
config_writer.py defaults to '/root/.openclaw/workspace' which may not be ideal in all environments, though this is the expected path for the OpenClaw tool itself.
OPENCLAW_WORKSPACE = os.environ.get("OPENCLAW_WORKSPACE", "/root/.openclaw/workspace")
→ Consider using a user-configurable path or respecting XDG base directory spec
 scripts/config_writer.py:12
资源类型声明权限推断权限状态证据
文件系统 READ READ ✓ 一致 scripts/template_manager.py:21 and scripts/config_writer.py:18 read JSON files
文件系统 WRITE WRITE ✓ 一致 scripts/config_writer.py:34 writes SOUL.md to workspace

目录结构

8 文件 · 28.5 KB · 816 行
Markdown 2f · 331L JSON 3f · 296L Python 3f · 189L
├─ 📁 data
│ ├─ 📋 role_templates.json JSON 143L · 10.8 KB
│ └─ 📋 skill_recommendations.json JSON 144L · 2.7 KB
├─ 📁 scripts
│ ├─ 🐍 config_writer.py Python 61L · 1.5 KB
│ ├─ 🐍 skill_recommender.py Python 42L · 1.2 KB
│ └─ 🐍 template_manager.py Python 86L · 2.5 KB
├─ 📋 _meta.json JSON 9L · 606 B
├─ 📝 README.md Markdown 78L · 1.9 KB
└─ 📝 SKILL.md Markdown 253L · 7.4 KB

安全亮点

✓ No shell execution or subprocess usage
✓ No credential harvesting or environment variable enumeration
✓ No network requests or external IP connections
✓ No base64 encoding or obfuscation techniques
✓ No sensitive path access (~/.ssh, ~/.aws, .env)
✓ No remote script execution (curl|bash, wget|sh)
✓ No hidden functionality not declared in documentation
✓ No data exfiltration observed
✓ All file operations are scoped to the OpenClaw workspace
✓ Code is simple and straightforward with no obfuscation