技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 31 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :良性 · OpenClaw :可疑
Package:cryptoreumd/medcrypt
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :可疑
OpenClaw 评估
The package provides plausible client-side crypto primitives that match the stated purpose, but the documentation over-promises (messaging integration, QR handling, and compliance claims) while the runtime instructions and code are incomplete/buggy and lack provenance; review before use.
目的
The description claims end-to-end encryption for messaging on Telegram/WhatsApp and regulatory compliance. The included medcrypt.py implements AES-256-GCM encryption, PBKDF2 key derivation, key rotation, an audit-log abstraction, and Shamir sharing — all consistent with client-side encryption. However, there is no code that integrates with Telegram or WhatsApp, no QR-code generation/parsing code in the package, and no code that implements the …
说明范围
SKILL.md simply instructs: 'pip install cryptography' and 'python medcrypt.py' and describes protocol/operational rules (QR PBKDF2, wire format, key rotation). The instructions are vague and over-broad: they reference QR-code-based key exchange and sending via Telegram/WhatsApp but do not provide code or commands to perform those actions. The medcrypt.py file shown performs local crypto and an in-memory encrypted audit log, but the SKILL.md as…
安装机制
No install spec in the registry; SKILL.md recommends 'pip install cryptography' before running the included Python script. This is a low-risk, standard dependency installation from PyPI. There are no downloads from unknown URLs or archive extraction steps in the metadata.
证书
The skill declares no required environment variables, credentials, or config paths. The code excerpt does not reference environment secrets or external credentials. This is proportionate to the provided functionality (local crypto primitives).
持久
The skill is not always-enabled and does not request elevated privileges. The included audit log implementation stores entries in-memory (self.entries) in the shown code; no evidence in the provided excerpt of writing system-wide configuration, other skill settings, or network exfiltration. That said, persistence and transport behavior depends on the rest of the (truncated) file and how users run the script.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「MedCrypt: End-to-End Encryption for Medical Messaging」。简介:Encrypts medical data client-side with AES-256-GCM for secure messaging on Tele…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/cryptoreumd/medcrypt/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。