中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 18/100
上次扫描:1 天前 重新扫描
18 /100
rtk-rewrite
OpenClaw plugin that intercepts exec tool calls and rewrites commands via `rtk rewrite` for token optimization
Plugin delegates shell command rewriting to an external `rtk` binary with no credential access or data exfiltration; includes a documented but risky curl|sh installation pattern in README.
技能名称rtk-rewrite
分析耗时25.4s
引擎pi
可以安装
Approve with caution: Review the `rtk` binary trustworthiness before deployment. Consider pinning the install script to a specific commit hash to mitigate supply chain risk.

安全发现 3 项

严重性 安全发现 位置
中危
Curl-pipe-sh installation instruction 供应链
README.md:20 instructs users to pipe curl output directly into sh, a dangerous pattern that executes arbitrary remote code without verification.
curl -fsSL https://raw.githubusercontent.com/rtk-ai/rtk/refs/heads/master/install.sh | sh
→ Use version-pinned installation methods or verify script integrity before execution.
 README.md:20
低危
Undeclared shell execution via execFileSync 文档欺骗
index.ts uses execFileSync to invoke the `rtk` binary but SKILL.md does not declare shell execution as a capability.
const output = execFileSync('rtk', ['rewrite', cmd], {...})
→ Document that the skill invokes external binary via execFileSync for transparency.
 index.ts:17
低危
Homepage mismatch between files 文档欺骗
SKILL.md declares repository as github.com/rtk-ai/rtk but openclaw.plugin.json declares homepage as github.com/aimagist/openrtklaw.
"homepage": "https://github.com/aimagist/openrtklaw"
→ Align repository and homepage URLs across documentation files.
 openclaw.plugin.json, SKILL.md:3
资源类型声明权限推断权限状态证据
命令执行 NONE WRITE ✗ 越权 index.ts:17 execFileSync('rtk', ['rewrite', cmd])
文件系统 NONE WRITE ✗ 越权 index.ts:18-19 appendFileSync, mkdirSync for audit logs
1 严重 1 项发现
💀
严重 危险命令 危险 Shell 命令
curl -fsSL https://raw.githubusercontent.com/rtk-ai/rtk/refs/heads/master/install.sh | sh
README.md:20

目录结构

4 文件 · 9.3 KB · 339 行
Markdown 2f · 189L TypeScript 1f · 111L JSON 1f · 39L
├─ 📜 index.ts TypeScript 111L · 3.1 KB
├─ 📋 openclaw.plugin.json JSON 39L · 1.2 KB
├─ 📝 README.md Markdown 135L · 3.6 KB
└─ 📝 SKILL.md Markdown 54L · 1.4 KB

安全亮点

✓ No credential harvesting or environment variable iteration observed
✓ Audit logs only contain command rewrites, no sensitive data exfiltration
✓ execFileSync uses explicit arguments array (not shell injection-prone string)
✓ Error handling prevents information leakage on ENOENT or status 1
✓ MIT license with publicly available source code