安全决策报告

Self-Audit

Name: Self-Audit 可信度判断报告
Item: Self-Audit
Rating: 55
Author: ClawSafe

Skill declares a 'self-audit' CLI script and 'audit/' directory that do not exist; undeclared sensitive config.json with LLM tool permissions is present but not documented.

安装决策优先来源: 手动上传扫描时间: 2026/4/5

文件 2

IOC 0

越权项 0

发现 3

为什么得出这个结论

0/4 个维度触发

通过

声明与实际能力

声明资源与推断能力基本一致。

通过

隐藏执行与外联

当前没有明显的高危外联或执行信号。

通过

攻击链与高危发现

没有形成明确的恶意路径。

复核

依赖与供应链卫生

没有完整依赖信息，供应链判断需要保留弹性。

风险分是怎么被拉高的

Non-existent declared entry point +20

SKILL.md declares 'self-audit' as main CLI script but file does not exist

Undeclared sensitive file +15

config.json with LLM system prompts and allowed-tools mapping is not mentioned in documentation

No implementation files +10

Skill has zero executable code despite claiming CLI functionality

最关键的证据

中危文档欺骗

Declared entry point does not exist

SKILL.md lists 'self-audit' as the 'Main CLI script' but no such file exists in the package. This is a significant doc-to-code mismatch.

SKILL.md:66

Either implement the declared script or remove the reference from documentation.

中危文档欺骗

Undeclared sensitive configuration file

config.json contains LLM system prompts and tool permission mappings but is not mentioned anywhere in SKILL.md. This file includes allowed-tools definitions (Bash, Read, Write, WebFetch) which map to resource permissions.

config.json:1

Document all configuration files in SKILL.md or remove unnecessary sensitive files.

低危文档欺骗

Declared storage directory does not exist

SKILL.md mentions an 'audit/' directory for audit log storage that does not exist.

SKILL.md:67

Either implement the directory creation or remove from documentation.

声明能力 vs 实际能力

文件系统 通过

声明 NONE

→

推断 NONE

No scripts exist to infer capabilities

网络访问 通过

声明 NONE

→

推断 NONE

No network code exists

命令执行 通过

声明 NONE

→

推断 NONE

No shell scripts exist

环境变量 通过

声明 NONE

→

推断 NONE

No env access code exists

可疑产物与外联

没有提取到明显 IOC。

依赖与供应链

没有结构化依赖告警。

文件构成

2 个文件 · 88 行

Markdown 1 个文件 · 75 行JSON 1 个文件 · 13 行

需关注文件 · 2

config.json JSON · 13 行

Undeclared sensitive configuration file

SKILL.md Markdown · 75 行

Declared entry point does not exist · Declared storage directory does not exist

安全亮点

No executable malicious code present in the package

No credential harvesting or exfiltration mechanisms

No network communication code detected

No obfuscated or base64-encoded payloads