agent-harness 安全扫描报告 — 可信 | ClawSafe

5 /100

agent-harness

Long-running agent workflow automation — feature tracking, progress management, and session orchestration

The agent-harness skill is a legitimate project workflow automation tool that manages feature tracking and session orchestration using documented bash scripts and git operations.

技能名称agent-harness

分析耗时31.7s

引擎pi

✓

可以安装

This skill is safe to use. No security concerns identified.

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`WRITE`	✓ 一致	scripts/harness.sh:51-54 - cp command copies templates
命令执行	`NONE`	`WRITE`	✓ 一致	scripts/harness.sh - git init, chmod +x operations are documented and necessary
环境变量	`NONE`	`READ`	✓ 一致	scripts/harness.sh:67 - date command for timestamps only
网络访问	`NONE`	`NONE`	—	No network calls in codebase

2 项发现

🔗

中危外部 URL 外部 URL

https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents

README.md:3

🔗

中危外部 URL 外部 URL

https://docs.anthropic.com/en/docs/about-claude/models

README.md:296

目录结构

12 文件 · 38.3 KB · 1140 行

Markdown 7f · 700L Shell 2f · 311L JSON 2f · 107L Text 1f · 22L

├─ ▾ 📁 docs

│ ├─ 📝 architecture.md Markdown 56L · 2.1 KB

│ ├─ 📝 file-flow.md Markdown 63L · 2.0 KB

│ └─ 📝 sequence.md Markdown 73L · 2.4 KB

├─ ▾ 📁 prompts

│ ├─ 📝 coder.md Markdown 85L · 2.9 KB

│ └─ 📝 initializer.md Markdown 57L · 2.2 KB

├─ ▾ 📁 scripts

│ └─ 🔧 harness.sh Shell 244L · 7.9 KB

├─ ▾ 📁 templates

│ ├─ 📄 claude-progress.txt Text 22L · 765 B

│ ├─ 📋 feature_list.json JSON 34L · 784 B

│ └─ 🔧 init.sh Shell 67L · 1.8 KB

├─ 📝 README.md Markdown 296L · 10.2 KB

├─ 📋 skill.json JSON 73L · 2.0 KB

└─ 📝 SKILL.md Markdown 70L · 3.2 KB

依赖分析 3 项

包名	版本	来源	已知漏洞	备注
`bash`	`>=4.0`	system	否	Standard shell dependency
`git`	`>=2.0`	system	否	Version control dependency
`python3`	`>=3.7`	system	否	JSON manipulation only

安全亮点

✓ All shell operations are clearly documented and directly support stated purpose

✓ File operations are scoped to project directory only

✓ No credential harvesting or sensitive data access

✓ No obfuscation techniques detected

✓ No external network calls except to Anthropic documentation URLs

✓ Python3 usage limited to JSON parsing/manipulation

✓ Git operations follow standard version control workflow

✓ No curl/wget remote script execution

✓ init.sh template has all sensitive code commented out