技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 612 · 2 current installs · 2 all-time installs
⭐ 0
安装量(当前) 2
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:atlaspa/openclaw-action
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The action's stated behavior (local-only, auditable) conflicts with its runtime behavior: it fetches and executes scanner scripts from remote GitHub URLs at runtime, creating a supply-chain risk.
目的
Name/description match the code: it is a GitHub Action that scans workspaces for secrets, injection, and egress patterns and only requires python3. However the README and SKILL.md assert 'No network calls' and 'No dependencies' while action.yml downloads scanner scripts at runtime via curl from raw.githubusercontent.com. Fetching remote scanner code is not necessary to describe the action's purpose and is inconsistent with the claimed 'auditab…
说明范围
SKILL.md and README instruct how to add the Action and state scanners run locally and are auditable. The actual runtime instructions (action.yml + scripts/scan.py) download external Python scanner scripts and then execute them. That means the action's runtime behavior extends beyond the local repo content the README promises: it executes code retrieved over the network, which can change between runs and may alter scanning behavior or exfiltrat…
安装机制
There is no installer, but action.yml explicitly uses curl to download three scripts from raw.githubusercontent.com at runtime. raw.githubusercontent.com is a well-known host (GitHub), which is better than arbitrary servers, but downloading and executing raw scripts from the network on each run is higher-risk than vendoring/pinning code. The downloads are not pinned to commit SHAs or releases (they use main branch URLs), increasing supply-chai…
证书
The skill does not request extra credentials or unrelated environment variables. It uses standard GitHub Actions runner env vars (GITHUB_OUTPUT, GITHUB_STEP_SUMMARY) and accepts workspace and scan toggles via inputs. No SECRET/TOKEN env vars are required by the skill itself.
持久
always is false; the skill does not request permanent agent presence or attempt to modify other skills. It writes only Action outputs and a job summary, and does not persist data beyond the run. The main privilege concern is runtime execution of downloaded code, not persistent elevated privileges.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Openclaw Action」。简介:GitHub Action for automated security scanning of agent workspaces. Detects expo…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/atlaspa/openclaw-action/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: openclaw-action
description: "GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits."
user-invocable: false
metadata: {"openclaw":{"emoji":"🛡️","requires":{"bins":["python3"]},"os":["darwin","linux","win32"]}}
---
# OpenClaw Security Action
GitHub Action that scans agent skills for security issues on every PR.
## What It Scans
| Scanner | What It Catches |
|---------|-----------------|
| **sentry** | API keys, tokens, passwords, credentials in code |
| **bastion** | Prompt injection markers, shell injection patterns |
| **egress** | Suspicious network calls, data exfiltration patterns |
## Quick Start
Add to `.github/workflows/security.yml`:
```yaml
name: Security Scan
on:
pull_request:
paths:
- 'skills/**'
- '.openclaw/**'
push:
branches: [main]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: AtlasPA/openclaw-action@v1
with:
workspace: '.'
fail-on-findings: 'true'
```
## Inputs
| Input | Default | Description |
|-------|---------|-------------|
| `workspace` | `.` | Path to scan |
| `fail-on-findings` | `true` | Fail the check if issues found |
| `scan-secrets` | `true` | Enable secret scanning |
| `scan-injection` | `true` | Enable injection scanning |
| `scan-egress` | `true` | Enable egress scanning |
## Outputs
| Output | Description |
|--------|-------------|
| `findings-count` | Total number of issues found |
| `has-critical` | `true` if critical/high severity issues |
## Philosophy
This action **detects and alerts only**. It will:
- Flag security issues in PR checks
- Annotate specific lines with findings
- Generate a summary report
It will NOT:
- Automatically modify your code
- Quarantine or delete files
- Make any changes to your repository
For automated remediation, see [OpenClaw Pro](https://github.com/sponsors/AtlasPA).
## Requirements
- Python 3.8+ (auto-installed by action)
- No external dependencies