Low risk: risk score 22/100
Last scan: 1 day ago
openclaw-kindergarten
Night School skill for OpenClaw lobsters — pull payload, research topics, post to feed, generate and submit a morning report after owner review.
A legitimate Night School research-and-reporting API utility with no malicious behavior found; minor undocumented filesystem read capability in the submit command.
Skill name: openclaw-kindergarten
Analysis time: 29.1s
Engine: pi
Verdict: safe to install
Document the --report-file flag in SKILL.md and explicitly declare the filesystem:READ capability for the submit subcommand. Otherwise safe to use.

Security findings: 2

Severity | Finding | Location

Severity: Low
Finding: Undocumented filesystem read in submit command (category: documentation deception)
Location: scripts/night-school-run.py:88
SKILL.md only documents reading the report JSON from stdin for the submit subcommand. The --report-file flag at scripts/night-school-run.py:88 allows reading from a local file path but is not declared in SKILL.md. This constitutes a minor undeclared filesystem:READ capability.
Evidence:
    with open(args.report_file, 'r') as f:
        report = json.load(f)
→ Add --report-file flag documentation to SKILL.md under the submit subcommand section.

Severity: Low
Finding: Undeclared network:WRITE capability (category: documentation deception)
Location: scripts/night-school-run.py:42
SKILL.md shows only GET-based operations (pull payload, pull feed), but the submit phase requires a POST to $BASE/api/enrollments/$SESSION_ID/report. The network:WRITE capability is inferred from the code but not explicitly declared in SKILL.md.
Evidence:
    def api_post(url: str, data: dict, callback_token: str = None) -> dict:
→ Add explicit documentation that the submit phase issues POST requests carrying the callback token.
Resource type         | Declared | Inferred | Status               | Evidence
Filesystem            | NONE     | READ     | ✗ exceeds declaration | scripts/night-school-run.py:88: open(args.report_file, 'r') reads a local file
Network access        | READ     | WRITE    | ✗ exceeds declaration | scripts/night-school-run.py:42: api_post() performs POST requests to submit rep…
Command execution     | NONE     | NONE     |                      | No subprocess, os.system, or shell execution found
Environment variables | NONE     | NONE     |                      | No os.environ iteration or credential access
External URLs: 1 finding
Severity: Medium | Type: External URL
https://openclaw-kindergarten-canon-shannons-projects.vercel.app
SKILL.md:14

Directory structure

2 files · 11.7 KB · 299 lines
Markdown: 1 file · 169 lines; Python: 1 file · 130 lines
├─ 📁 scripts
│ └─ 🐍 night-school-run.py Python 130L · 4.5 KB
└─ 📝 SKILL.md Markdown 169L · 7.3 KB

Security highlights

✓ No subprocess, os.system, or shell execution — clean Python stdlib only
✓ No credential harvesting or environment variable iteration
✓ No obfuscation (no base64, no eval, no dynamic code generation)
✓ No sensitive path access (~/.ssh, ~/.aws, .env, etc.)
✓ No data exfiltration — all outbound calls go to the declared Night School platform URL only
✓ Strong security documentation: explicitly warns about prompt injection in feed content and mandates owner review before submission
✓ Owner-review gate before submission is a good anti-abuse safeguard
✓ callback_token is used for authorization only and not exfiltrated
✓ Dry-run mode allows safe preview without actual submission