Low risk — Risk score 15/100
Last scanned: 1 day ago
ProcessGuard — Critical Process Monitor & Auto-Restart
Monitor critical processes, auto-restart on failure, track CPU/memory, send alerts via webhook/callback/file, and write dead man's switch heartbeat.
ProcessGuard is a legitimate process monitoring skill with solid security controls — shell operator blocking, optional allowlist enforcement, and spawn with shell:false. The pre-flagged 'rm -rf /' is a documentation example demonstrating the allowlist security model, not actual malicious code.
Skill name: ProcessGuard — Critical Process Monitor & Auto-Restart
Analysis time: 34.1s
Engine: pi
OK to install
This skill is safe to use. Ensure commandAllowlist is configured in production deployments to restrict restart executables to trusted binaries only.

Security findings: 2

Severity · Finding · Location
Low
SKILL.md lacks allowed-tools declaration (Documentation deception)
SKILL.md does not declare allowed-tools permissions, yet the implementation uses shell:WRITE (spawn) and filesystem:WRITE (file writes). This is a documentation gap rather than hidden functionality.
No allowed-tools section present
→ Add 'allowed-tools: Bash→shell:WRITE, Read→filesystem:READ, Write→filesystem:WRITE' to SKILL.md frontmatter.
SKILL.md:1
Info
PID file reading from configurable paths (Sensitive access)
The skill reads PID files from user-specified paths (pid_file config). While not inherently malicious (this is standard process management), any file path is readable.
fs.readFileSync(pidFile, 'utf8')
→ Ensure users do not configure sensitive PID files from untrusted sources.
src/process-guard.js:163
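| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Command execution | NONE | WRITE | ✓ Consistent | src/process-guard.js:179 - spawn() used to execute restart commands |
| File system | NONE | WRITE | ✓ Consistent | src/process-guard.js:303-307 - fs.writeFileSync for heartbeat/logs |
| Network access | READ | READ | ✓ Consistent | src/process-guard.js:138 - HTTP/HTTPS health checks |
| Environment variables | NONE | READ | ✓ Consistent | src/process-guard.js:164 - process.kill(pid, 0) for PID existence check |
| Browser | NONE | NONE | N/A | |
| Clipboard | NONE | NONE | N/A | |
| Database | NONE | NONE | N/A | |
| Skill invocation | NONE | NONE | N/A | |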
1 critical · 8 findings
Critical · Dangerous command · Dangerous shell command
rm -rf /
README.md:204
Medium · External URL · External URL
https://hooks.slack.com/services/...
README.md:107
Medium · External URL · External URL
https://ko-fi.com/theshadowrose
README.md:372
Medium · External URL · External URL
https://shadowyrose.gumroad.com
README.md:373
Medium · External URL · External URL
https://twitter.com/TheShadowyRose
README.md:374
Medium · External URL · External URL
https://promptbase.com/profile/shadowrose
README.md:376
Medium · External URL · External URL
https://www.fiverr.com/s/jjmlZ0v
README.md:382
Info · Email · Email address
[email protected]
README.md:371

Directory structure

3 files · 30.6 KB · 889 lines
JavaScript 1f · 454L Markdown 2f · 435L
├─ 📁 src
│ └─ 📜 process-guard.js JavaScript 454L · 17.4 KB
├─ 📝 README.md Markdown 384L · 11.3 KB
└─ 📝 SKILL.md Markdown 51L · 1.9 KB

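Dependency analysis: 1 item

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| pidusage | * | npm | | Optional dependency - CPU/memory monitoring disabled if absent |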

Security highlights

✓ Uses spawn with shell:false — no shell interpolation or injection surface
✓ Shell operator blocking enforced unconditionally: /[;&|`$ <>]/
✓ commandAllowlist provides defense-in-depth for restart commands
✓ README.md:204 demonstrates rm -rf / blocked by allowlist (not executed)
✓ spawnSync with shell:false for command health checks — secure implementation
✓ HTTP requests only for declared health checks and user-configured webhooks
✓ No base64, eval, or obfuscated code patterns
✓ No credential harvesting or environment variable exfiltration
✓ No suspicious network IOCs (IPs, C2 patterns)
✓ Optional dependency (pidusage) gracefully degrades if not installed