fco-monitor 安全扫描报告 — 低风险 | ClawSafe

20 /100

fco-monitor

FC Online官网监控 — 自动监控FC Online（足球在线4）官网活动，发现新活动时及时通知用户

A legitimate FC Online game-website monitor with minor documentation gaps and a defensive base64 pattern; no malicious behavior found.

技能名称fco-monitor

分析耗时70.3s

引擎pi

✓

可以安装

Approve for use. Consider adding install.sh capabilities to SKILL.md for full transparency, and pin curl/jq versions in documentation.

安全发现 5 项

严重性	安全发现	位置
中危	Undeclared system-directory writes in install.sh The install script writes to /usr/lib/node_modules/openclaw/skills, /root/.openclaw/config, and /etc/systemd/system without declaring these capabilities in SKILL.md. It also auto-installs system packages (curl, jq, node) via yum/apt-get. `cp -r "$skill_dir"/* "$target_dir"` → Add an 'Installation Requirements' section to SKILL.md explicitly listing filesystem:WRITE and shell:WRITE capabilities needed for install.sh.	`install.sh:74`
低危	Undeclared Node.js shell execution via execSync openclaw-integration.js uses Node.js child_process.execSync to invoke the bash script, which constitutes shell:WRITE. This is not declared in SKILL.md, though the check-now command is effectively documented. `execSync(command, { cwd: this.skillDir, encoding: 'utf8', stdio: 'pipe', ...options })` → Document the Node.js integration layer in SKILL.md's Technical Implementation section, noting that it wraps the bash script via execSync.	`openclaw-integration.js:15`
低危	System package auto-installation without user consent install.sh automatically attempts to install missing dependencies (curl, jq, node) via yum/apt-get with root privileges, which could silently modify the system. `yum install -y "$dep" 2>/dev/null \|\| true` → Require users to install dependencies manually or prompt before auto-installation. Add a --skip-deps flag for controlled environments.	`install.sh:55`
提示	Defensive base64 encoding in generate_notification() The pre-scan flagged 'base64 --decode' at fco-monitor.sh:202 as critical. However, this is a well-known defensive bash pattern: jq '@base64' encodes JSON objects for safe shell variable transport, then 'base64 --decode' unpacks them. This is not obfuscation or hidden execution. `local activity=$(echo "$activity_base64" \| base64 --decode)` → This is a false positive. The pattern prevents word-splitting and glob expansion of JSON field values. Consider documenting this pattern in comments for clarity.	`fco-monitor.sh:202`
提示	No npm dependency pinning package.json declares zero runtime dependencies (dependencies: {}), which is good for supply-chain security. No risk from this side. `"dependencies": {}` → Maintain the zero-dependency approach. If external packages are added in the future, pin versions explicitly.	`package.json:27`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`WRITE`	✗ 越权	install.sh:74 cp -r "$skill_dir"/* "$target_dir"; install.sh:76 chmod +x; instal…
命令执行	`NONE`	`WRITE`	✗ 越权	openclaw-integration.js:15 execSync(command, ...); install.sh:55-62 auto-install…
网络访问	`READ`	`READ`	✓ 一致	fco-monitor.sh:68 curl -s -L "$FCO_URL"; SKILL.md declares '使用curl直接获取HTML内容'
环境变量	`NONE`	`NONE`	—	No os.environ iteration for secrets observed
技能调用	`NONE`	`NONE`	—	No recursive skill invocation found
剪贴板	`NONE`	`NONE`	—	No clipboard access found
浏览器	`NONE`	`NONE`	—	No browser automation found
数据库	`NONE`	`NONE`	—	No database access found

1 严重 21 项发现

🔒

严重编码执行 Base64 编码执行（代码混淆）

base64 --decode

fco-monitor.sh:202

🔗

中危外部 URL 外部 URL

https://fco.qq.com/main.shtml

EXAMPLES.md:57

🔗

中危外部 URL 外部 URL

https://fco.qq.com/...

EXAMPLES.md:114

🔗

中危外部 URL 外部 URL

https://discord.com/api/webhooks/...

EXAMPLES.md:208

🔗

中危外部 URL 外部 URL

https://clawhub.com/submit

PUBLISH_TO_SKILLHUB.md:83

🔗

中危外部 URL 外部 URL

https://clawhub.com

PUBLISH_TO_SKILLHUB.md:164

🔗

中危外部 URL 外部 URL

https://clawhub.com/docs/submit

PUBLISH_TO_SKILLHUB.md:165

🔗

中危外部 URL 外部 URL

https://community.openclaw.ai

PUBLISH_TO_SKILLHUB.md:166

🔗

中危外部 URL 外部 URL

https://docs.openclaw.ai

PUBLISH_TO_SKILLHUB.md:169

🔗

中危外部 URL 外部 URL

https://discord.gg/clawd

PUBLISH_TO_SKILLHUB.md:171

🔗

中危外部 URL 外部 URL

https://docs.openclaw.ai/skills/development

PUBLISH_TO_SKILLHUB.md:174

🔗

中危外部 URL 外部 URL

https://docs.openclaw.ai/api

PUBLISH_TO_SKILLHUB.md:176

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/OpenClaw-Skill-blue.svg

README.md:3

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/version-1.0.0-green.svg

README.md:4

🔗

中危外部 URL 外部 URL

https://clawhub.com/skills/fco-monitor

README.md:4

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/license-MIT-blue.svg

README.md:5

🔗

中危外部 URL 外部 URL

https://fco.qq.com

README.md:89

🔗

中危外部 URL 外部 URL

https://api.star-history.com/svg?repos=openclaw/skill-fco-monitor&type=Date

README.md:146

🔗

中危外部 URL 外部 URL

https://star-history.com/#openclaw/skill-fco-monitor&Date

README.md:146

🔗

中危外部 URL 外部 URL

https://fco.qq.com/webplat/info/news_version3/33965/34617/38284/m22646/list_1.shtml

install.sh:142

🔗

中危外部 URL 外部 URL

https://fco.qq.com/main.shtml检查最新活动，如果有新活动则总结关键信息通知用户。

openclaw-integration.js:103

目录结构

9 文件 · 47.4 KB · 1864 行

Markdown 5f · 926L Shell 2f · 626L JavaScript 1f · 259L JSON 1f · 53L

├─ 📝 EXAMPLES.md Markdown 281L · 6.1 KB

├─ 🔧 fco-monitor.sh Shell 341L · 9.2 KB

├─ 🔧 install.sh Shell 285L · 6.7 KB

├─ 📜 openclaw-integration.js JavaScript 259L · 7.5 KB

├─ 📋 package.json JSON 53L · 1.4 KB

├─ 📝 PUBLISH_TO_SKILLHUB.md Markdown 199L · 5.6 KB

├─ 📝 QUICK_START.md Markdown 126L · 2.6 KB

├─ 📝 README.md Markdown 149L · 3.9 KB

└─ 📝 SKILL.md Markdown 171L · 4.4 KB

依赖分析 3 项

包名	版本	来源	已知漏洞	备注
`curl`	`system`	system package manager	否	System tool, version not pinned — used for HTTP requests to fco.qq.com
`jq`	`system`	system package manager	否	System tool, version not pinned — used for JSON parsing
`node`	`>=14.0.0`	system package manager	否	Runtime requirement per package.json engines field

安全亮点

✓ No credential harvesting — skill never accesses ~/.ssh, ~/.aws, .env, or iterates environment variables for secrets

✓ No data exfiltration — no POSTs of credentials or system info to external servers

✓ No obfuscation — base64 usage is a documented defensive bash pattern, not code hiding

✓ No remote script execution — no curl|bash or wget|sh patterns found

✓ No eval() or Function() constructors — no dynamic code execution

✓ No HTML comment steganography — no hidden instructions in documentation

✓ Network activity is scoped to a single documented URL (fco.qq.com) and uses a standard User-Agent header

✓ Zero npm runtime dependencies eliminates supply-chain attack surface

✓ Uses standard system tools (curl, jq) with well-formed parameters and timeouts

✓ Error handling is present with retry logic and graceful degradation