Low risk: risk score 15/100
Last scanned: 1 day ago
360Guard
360-degree comprehensive security review Skill. Use before installing any Skill from ClawHub, GitHub, or other sources.
360Guard is a legitimate security scanner skill that documents dangerous patterns (nc -e, base64 -d) as detection targets - these are false positives in the documentation, not actual malicious code.
Skill name: 360Guard
Analysis time: 45.4s
Engine: pi
OK to install
Safe to install. The skill uses standard grep/find/file operations for security scanning. No credential theft, data exfiltration, or persistence mechanisms detected.

Security findings: 2

Severity | Finding | Location
Info
Pattern Documentation (False Positive) · Documentation deception
SKILL.md lines 99 and 206 contain 'nc -e' and 'base64 -d' as documented RED FLAGS TO DETECT. These are part of the security scanner's detection checklist, not actual malicious code or execution paths.
• Initiates reverse shell (nc -e / bash -i)
→ This is legitimate documentation. No action needed - the skill is functioning as designed.
SKILL.md:99
Info
Base64 Pattern Documentation (False Positive) · Documentation deception
SKILL.md line 206 lists 'Uses base64 decode on anything' as a red flag to detect. This is part of the security checklist documentation.
• Uses base64 decode on anything
→ This is legitimate documentation. No action needed.
SKILL.md:206
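Resource type | Declared permission | Inferred permission | Status | Evidence
File system | READ | READ | ✓ Consistent | Scanner reads target files for pattern matching
Command execution | WRITE | WRITE | ✓ Consistent | Scripts execute grep/find commands for scanning
Network access | NONE | NONE | | No network calls made by scanner scripts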
2 critical · 3 findings
💀
Critical · Dangerous command · Dangerous shell command
nc -e
SKILL.md:99
🔒
Critical · Encoded execution · Base64-encoded execution (code obfuscation)
base64 -d
SKILL.md:206
🔗
Medium · External URL · External URL
https://clawhub.ai/api/download/SKILL_NAME
SKILL.md:471

Directory structure

5 files · 34.9 KB · 1003 lines
Markdown 2f · 715L JavaScript 1f · 177L Shell 2f · 111L
├─ 📁 scripts
│ ├─ 🔧 full-scan.sh Shell 80L · 2.8 KB
│ ├─ 🔧 quick-scan.sh Shell 31L · 1.2 KB
│ └─ 📜 scanner.cjs JavaScript 177L · 6.7 KB
├─ 📝 CHANGELOG.md Markdown 208L · 5.6 KB
└─ 📝 SKILL.md Markdown 507L · 18.7 KB

Security highlights

✓ Purpose is security vetting - legitimate defensive tool
✓ No credential theft or exfiltration code detected
✓ No persistence mechanisms (cron, systemd, etc.)
✓ No reverse shell or C2 communication
✓ Scripts use standard grep/find operations for pattern matching
✓ External URLs are in documentation/instructions, not executed code
✓ No obfuscation or base64-encoded payloads in executable code
✓ No supply chain risks - no external dependencies
✓ Scanner is self-referential - detects its own documented patterns as examples