Scan Report
5/100
ocas-elephas
Elephas: long-term knowledge graph (Chronicle) maintenance skill
Elephas is a legitimate knowledge graph maintenance skill with well-documented behavior. The base64 decoding at line 266 is standard GitHub API usage for self-update, not obfuscation.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | skill.json declares read access to ~/openclaw/* directories; references show rea… |
| Filesystem | WRITE | WRITE | ✓ Aligned | skill.json declares write access to ~/openclaw/{db,journals,data}/ocas-elephas/;… |
| Network | NONE | READ | ✓ Aligned | elephas.update uses gh api to fetch remote version (SKILL.md:266); not declared … |
1 Critical · 2 findings
Critical · Encoded Execution · Base64-encoded execution (code obfuscation) · base64 -d · SKILL.md:266
Info · Email · Email address · [email protected] · skill.json:6
File Tree
8 files · 44.5 KB · 1217 lines
Markdown 7f · 1196L
JSON 1f · 21L
├─ references
│ ├─ ingestion_pipeline.md (Markdown)
│ ├─ init_pattern.md (Markdown)
│ ├─ journal.md (Markdown)
│ ├─ ontology.md (Markdown)
│ └─ schemas.md (Markdown)
├─ README.md (Markdown)
├─ skill.json (JSON)
└─ SKILL.md (Markdown)
Security Positives
✓ Well-documented skill with clear responsibility boundaries
✓ Uses platform-provided library (real_ladybug) rather than arbitrary shell commands
✓ All file operations scoped to designated openclaw directories
✓ Comprehensive journal and audit trail system
✓ Identity merges are reversible with full merge history preserved
✓ No credential access, no sensitive path traversal (no ~/.ssh, ~/.aws, .env access)
✓ Atomic journal writes (write to .tmp, then rename)
✓ Clear escalation rules for candidate promotion with confidence scoring
✓ No base64 obfuscation or hidden functionality - self-update uses standard GitHub API format