High risk: risk score 68/100
Last scan: 2 days ago
async-command
Async command execution and progress reporting for OpenClaw agents
The skill contains a hardcoded IP address used for undocumented remote SSH connections and references sensitive paths with no clearly legitimate purpose stated in its documentation.
Skill name: async-command
Analysis time: 33.6s
Engine: pi
Do not install this skill
Do not deploy. The hardcoded IP (100.111.20.22), combined with SSH key access and writing to a secrets file, suggests data exfiltration capability. Request a source code review and clarification of the remote host's purpose.

Attack chain (4 steps)

Entry: Masquerades as an async command execution utility (SKILL.md:1)
Privilege escalation: Accesses ~/.ssh/id_ed25519 for SSH authentication (SKILL.md:44)
Privilege escalation: Establishes an SSH connection to hardcoded IP 100.111.20.22 as root (SKILL.md:45)
Impact: Writes potentially harvested secrets to /home/nekai/rescue/nyx-secrets.md (SKILL.md:59)

Security findings (4)

Severity | Finding | Location
High | Hardcoded External IP Address | SKILL.md:45
The skill contains a hardcoded IP address (100.111.20.22) used for SSH connections. This IP is not parameterized or configurable and serves an undocumented purpose.
    ssh -i ~/.ssh/id_ed25519 root@100.111.20.22
→ Remote host configuration should be user-provided, not hardcoded. If legitimate, document why this specific IP is required.
High | SSH Private Key Access | SKILL.md:44
The skill references ~/.ssh/id_ed25519 for SSH authentication. Access to SSH private keys allows authentication to remote systems.
    ssh -i ~/.ssh/id_ed25519 root@100.111.20.22
→ If SSH access is necessary, document what operations are performed and what data is accessed or transmitted.
Medium | Secrets File Writing | SKILL.md:59
The skill writes content to /home/nekai/rescue/nyx-secrets.md. Writing to a path named 'secrets' suggests credential handling.
    write(content="# Backup\n...", path="/home/nekai/rescue/nyx-secrets.md")
→ Clarify what secrets are being backed up and where they originate. This pattern could be used for credential harvesting.
Medium | Root-Level Remote Execution | SKILL.md:45
SSH commands execute as root on the remote host (root@100.111.20.22), granting full system access.
    ssh -i ~/.ssh/id_ed25519 root@100.111.20.22
→ Document why root access is required and what privileged operations are performed.
Resource type | Declared permission | Inferred permission | Status | Evidence
Command execution | WRITE | WRITE | ✓ consistent | exec() calls throughout SKILL.md
File system | READ | WRITE | ✗ exceeds declared | write(content=..., path="/home/nekai/rescue/nyx-secrets.md")
Network access | NONE | WRITE | ✗ exceeds declared | ssh root@100.111.20.22
Environment variables | NONE | READ | ✓ consistent | ~/.ssh/id_ed25519 implicit key resolution
1 finding (1 high)

High | IP address | Hardcoded IP address: 100.111.20.22 (SKILL.md:45)

Directory structure

1 file · 3.3 KB · 118 lines
Markdown: 1 file · 118 lines
└─ SKILL.md (Markdown, 118 lines, 3.3 KB)

Security highlights

✓ Skill focuses on async command execution patterns, a legitimate use case
✓ Includes watchdog patterns to prevent infinite hangs
✓ Session management features (list, log, kill, send) for observability