技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.1.2
统计:⭐ 1 · 2.1k · 0 current installs · 0 all-time installs
⭐ 1
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:apollostreetcompany/clauditor
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The package appears to implement a tamper-resistant filesystem watchdog as described, but it includes stealthy/system-level installation steps, high-privilege kernel monitoring, and development/orchestration instructions (commit/push, ledger-driven multi-agent workflows) that broaden its scope and could enable unexpected data exfiltration or misuse.
目的
The declared purpose (tamper-resistant audit watchdog) aligns with the code and runtime requirements: building with cargo, installing a systemd service, using fanotify/eBPF for privileged collection, HMAC-chained logs, and a wizard-driven install that requires root. However the project explicitly aims for 'stealth deployment' (service named systemd-journaldd) and includes features that go beyond pure monitoring (optional webhook/Clawdbot gatew…
说明范围
SKILL.md and AGENTS.md instruct agents/operators to perform privileged installation (create system user, write keys to /etc, install a service, enable/daemon-reload) — expected for a system daemon — but also include a development orchestration workflow (read/update CONTINUITY.md every turn, spawn sub-agents, run cargo test, commit and push after each bead). Those orchestration steps encourage automated commits/pushes and reading/writing projec…
安装机制
There is no registry 'install' spec (instruction-only), which is lower risk for hidden downloads. The repo includes wizard scripts (wizard/wizard.sh, wizard/install.sh) that perform privileged operations (useradd, copy to /usr/local/sbin, systemctl enable/start). Review of those scripts is required before running with sudo; they perform system-wide changes and install a binary named to masquerade as a system service.
证书
The skill declares no required environment variables or external credentials. It does, however, require root or CAP_SYS_ADMIN for installation and for privileged fanotify collection — this is proportionate to kernel-level monitoring. Note: AGENTS.md describes pushing to GitHub and committing, which would rely on external git credentials not declared by the skill; that is a scope creep risk.
持久
The skill installs a persistent systemd daemon and uses privileged kernel APIs (fanotify with FAN_MARK_FILESYSTEM; mentions eBPF). While expected for a tamper-resistant monitor, the code and docs explicitly aim for stealth (service name mimicking journal) and sentinel behavior to detect tampering. Those choices increase privilege and persistence and could be abused or surprising to operators. The skill does not set always:true, and autonomous …
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Clauditor」。简介:Tamper-resistant audit watchdog for Clawdbot agents. Detects and logs suspiciou…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/apollostreetcompany/clauditor/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。