中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:1 day ago Rescan
5 /100
daily-mood
Mood-aware daily message delivery — morning and evening emotional support messages for registered users, with real-time mood response
This is a genuine mood-message delivery skill with no malicious behavior — all scripts only read/write local JSON user files, generate LLM prompts to stdout, and perform strict input sanitization.
Skill Namedaily-mood
Duration50.2s
Enginepi
Safe to install
No action needed. The skill is a benign multi-user daily message system. Consider adding an explicit allowed-tools declaration to SKILL.md metadata for completeness.

Findings 1 items

Severity Finding Location
Low
Missing allowed-tools declaration in SKILL.md metadata Doc Mismatch
The skill uses filesystem:WRITE (for user registration) and filesystem:READ (for reading user profiles), but SKILL.md's metadata section does not include an allowed-tools declaration. This is a minor documentation gap — the operations are legitimate and non-sensitive.
metadata: { openclaw: { runtime: { node: '>=18' } } }  # missing allowed-tools
→ Add an allowed-tools field to SKILL.md metadata documenting filesystem:READ+WRITE usage, e.g., allowed-tools: [Read, Write] or allowed-tools: [{ resource: 'filesystem', level: 'WRITE' }]
 SKILL.md:1
ResourceDeclaredInferredStatusEvidence
Filesystem NONE READ ✓ Aligned All scripts: fs.readdirSync + fs.readFileSync on data/users/
Filesystem NONE WRITE ✓ Aligned scripts/mood-response.js:57, scripts/register.js:73 — write to data/users/<userI…
Shell NONE NONE No child_process, exec, spawn, or system() calls found in any script
Network NONE NONE No http, https, fetch, or curl calls found — no outbound connectivity
Environment NONE NONE No process.env iteration or sensitive key access
Skill Invoke NONE NONE No skill invocation or cross-skill calls
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database NONE NONE No database connectivity — only local JSON files

File Tree

10 files · 34.2 KB · 831 lines
JavaScript 5f · 639L Markdown 1f · 149L JSON 4f · 43L
├─ 📁 data
│ └─ 📁 users
│ ├─ 📋 alice.json JSON 7L · 176 B
│ └─ 📋 bob.json JSON 7L · 172 B
├─ 📁 scripts
│ ├─ 📜 evening-push.js JavaScript 128L · 5.7 KB
│ ├─ 📜 mood-response.js JavaScript 156L · 6.9 KB
│ ├─ 📜 morning-push.js JavaScript 141L · 7.0 KB
│ ├─ 📜 push-toggle.js JavaScript 122L · 3.8 KB
│ └─ 📜 register.js JavaScript 92L · 3.5 KB
├─ 📋 _meta.json JSON 6L · 121 B
├─ 📋 package.json JSON 23L · 978 B
└─ 📝 SKILL.md Markdown 149L · 5.9 KB

Security Positives

✓ No shell execution — zero child_process, exec, spawn, or eval calls across all 5 scripts
✓ No network access — no http, https, fetch, curl, or outbound connectivity of any kind
✓ No credential theft — no access to .env, ~/.ssh, ~/.aws, or environment variable iteration
✓ No obfuscation — all code is human-readable with clear inline documentation
✓ No base64, no encoded payloads, no anti-analysis techniques
✓ No sensitive path access — only reads/writes to skill-local data/users/ directory
✓ Strict input sanitization — userId sanitized with regex /[^a-zA-Z0-9_-]/g and capped at 64 chars
✓ Mood allowlist enforcement — ALLOWED_MOODS is a Set of 9 pre-defined values with no injection surface
✓ No external dependencies — package.json declares no runtime dependencies, only npm scripts
✓ No cron execution — push-toggle.js only prints cron commands as instructions, never executes them
✓ Clean codebase — 639 lines across 5 scripts with consistent, readable style