Trusted: risk score 5/100
Last scan: 1 day ago
daily-mood
Mood-aware daily message delivery — morning and evening emotional support messages for registered users, with real-time mood response
This is a genuine mood-message delivery skill with no malicious behavior — all scripts only read/write local JSON user files, generate LLM prompts to stdout, and perform strict input sanitization.
Skill name: daily-mood
Analysis time: 50.2s
Engine: pi
Verdict: safe to install
No action needed. The skill is a benign multi-user daily message system. Consider adding an explicit allowed-tools declaration to SKILL.md metadata for completeness.

Security findings: 1

Severity | Finding | Location

Severity: Low
Finding: Missing allowed-tools declaration in SKILL.md metadata (category: documentation deception)
Location: SKILL.md:1
The skill uses filesystem:WRITE (for user registration) and filesystem:READ (for reading user profiles), but SKILL.md's metadata section does not include an allowed-tools declaration. This is a minor documentation gap — the operations are legitimate and non-sensitive.
metadata: { openclaw: { runtime: { node: '>=18' } } }  # missing allowed-tools
→ Add an allowed-tools field to SKILL.md metadata documenting filesystem:READ+WRITE usage, e.g., allowed-tools: [Read, Write] or allowed-tools: [{ resource: 'filesystem', level: 'WRITE' }]
Resource type | Declared permission | Inferred permission | Status | Evidence
File system | NONE | READ | ✓ consistent | All scripts: fs.readdirSync + fs.readFileSync on data/users/
File system | NONE | WRITE | ✓ consistent | scripts/mood-response.js:57, scripts/register.js:73 — write to data/users/<userI…
Command execution | NONE | NONE | | No child_process, exec, spawn, or system() calls found in any script
Network access | NONE | NONE | | No http, https, fetch, or curl calls found — no outbound connectivity
Environment variables | NONE | NONE | | No process.env iteration or sensitive key access
Skill invocation | NONE | NONE | | No skill invocation or cross-skill calls
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser automation
Database | NONE | NONE | | No database connectivity — only local JSON files

Directory structure

10 files · 34.2 KB · 831 lines
JavaScript 5f · 639L Markdown 1f · 149L JSON 4f · 43L
├─ 📁 data
│ └─ 📁 users
│ ├─ 📋 alice.json JSON 7L · 176 B
│ └─ 📋 bob.json JSON 7L · 172 B
├─ 📁 scripts
│ ├─ 📜 evening-push.js JavaScript 128L · 5.7 KB
│ ├─ 📜 mood-response.js JavaScript 156L · 6.9 KB
│ ├─ 📜 morning-push.js JavaScript 141L · 7.0 KB
│ ├─ 📜 push-toggle.js JavaScript 122L · 3.8 KB
│ └─ 📜 register.js JavaScript 92L · 3.5 KB
├─ 📋 _meta.json JSON 6L · 121 B
├─ 📋 package.json JSON 23L · 978 B
└─ 📝 SKILL.md Markdown 149L · 5.9 KB

Security highlights

✓ No shell execution — zero child_process, exec, spawn, or eval calls across all 5 scripts
✓ No network access — no http, https, fetch, curl, or outbound connectivity of any kind
✓ No credential theft — no access to .env, ~/.ssh, ~/.aws, or environment variable iteration
✓ No obfuscation — all code is human-readable with clear inline documentation
✓ No base64, no encoded payloads, no anti-analysis techniques
✓ No sensitive path access — only reads/writes to skill-local data/users/ directory
✓ Strict input sanitization — userId sanitized with regex /[^a-zA-Z0-9_-]/g and capped at 64 chars
✓ Mood allowlist enforcement — ALLOWED_MOODS is a Set of 9 pre-defined values with no injection surface
✓ No external dependencies — package.json declares no runtime dependencies, only npm scripts
✓ No cron execution — push-toggle.js only prints cron commands as instructions, never executes them
✓ Clean codebase — 639 lines across 5 scripts with consistent, readable style