技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 188 · 1 current installs · 1 all-time installs
⭐ 0
安装量(当前) 1
🛡 VirusTotal :可疑 · OpenClaw :良性
Package:4worlds4w-svg/clauwdit
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :良性
OpenClaw 评估
The skill is internally coherent for a remote SKILL.md auditor — it contains only usage instructions that call a third‑party HTTP service and does not request extra credentials or install code — but it relies entirely on an external endpoint, so trust in that site is required.
目的
The name and description (security auditor for SKILL.md files) match the content: the SKILL.md documents a remote static analysis service and shows how to POST skill contents for analysis. There are no unrelated env vars, binaries, or install steps requested.
说明范围
The instructions direct the user/agent to send SKILL.md content to https://clauwdit.4worlds.dev via curl/POST. This is consistent with an online auditor, but it means sensitive skill contents (including any secrets present in a SKILL.md) would be transmitted to a third party. The SKILL.md does not instruct the agent to read other local files or environment variables beyond the content to be submitted.
安装机制
No install spec or code is included (instruction-only). That minimizes on-disk risk; there are no downloads, extracts, or package installs to review.
证书
The skill does not request any environment variables, credentials, or config paths. There is no disproportionate credential access declared. However, the runtime behavior depends on network access to an external domain.
持久
always is false and there is no mechanism that would persist or modify other skills or agent-wide configuration. The skill does not request elevated persistence or unusual privileges.
综合结论
This skill is a thin wrapper describing a remote static-audit service — it does what it says, but it relies on sending SKILL.md content to clauwdit.4worlds.dev. Before using: (1) Do not submit any secrets, API keys, or private files; review and redact sensitive data from SKILL.md before posting. (2) Verify the ownership and TLS certificate of clauwdit.4worlds.dev, check for a privacy policy or contact info (the SKILL.md says 'Built by 4Worlds'…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「clauwdit」。简介:Security auditor for AI agent skills. Scans SKILL.md files for prompt injection…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/4worlds4w-svg/clauwdit/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。