技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 495 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :良性 · OpenClaw :良性
Package:aiwithabidi/security-monitor-deploy
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's code and instructions match its stated purpose (a local security audit) and do not appear to exfiltrate data or perform unrelated actions, but it reads sensitive local configuration and requires careful review before use because the bundled script is large and the provided file was truncated.
目的
Name/description claim a local security audit. The skill only requires the docker binary and its script inspects OpenClaw config files, Docker, SSH, firewall, listening services, and file permissions — all consistent with an audit tool. No unrelated credentials or binaries are requested.
说明范围
The SKILL.md instructs the agent to run the included shell script which enumerates and inspects local files (/root/.openclaw/openclaw.json, ~/.openclaw, /etc/ssh/sshd_config, /var/run/docker.sock, SSH key dirs, .env files) and runs docker/ss/netstat/iptables/ufw commands. This is expected for a security audit, but these actions access sensitive local files and system state — the script checks permissions and configuration but generally does no…
安装机制
No install spec; this is instruction-only with a bundled script. Nothing is downloaded or written to disk by an installer. This is the lower-risk pattern for skills that are local-audit focused.
证书
The skill declares no required environment variables or credentials, which is appropriate. However, the script reads various sensitive files and system resources (openclaw.json, .env files, SSH key paths, Docker socket and container details). Those accesses are proportionate to an auditing tool but are inherently sensitive — running the script gives it the ability to inspect local secrets and container metadata (Docker inspect can reveal conta…
持久
The skill is not always-enabled and does not request persistent presence or modify other skills. It runs as a one-off script when invoked. The agent's autonomous invocation capability is default and not combined with other concerning privileges here.
综合结论
This skill appears to do what it says: a local security audit. Before installing or running it: 1) Review the entire scripts/security_audit.sh file yourself (the provided content was truncated in the review). 2) Run it on a non-production or disposable system first (or inside an isolated container/VM) so you don't expose real secrets during testing. 3) Note it inspects /var/run/docker.sock and may run docker inspect/ps — if your Docker contain…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Security Monitor Deploy」。简介:Comprehensive security audit for OpenClaw deployments. Checks Docker port bindi…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/aiwithabidi/security-monitor-deploy/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。