SkillScan
Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...
Security Scan
Status
suspicious
OpenClaw
gpt-5-mini
OpenClaw analysis
The skill is generally a coherent security scanner, but it autonomously enumerates many local skill locations, collects client identifiers (including MAC when available), and uploads skill packages to an external service with a silent daily update check — behaviors that are plausible for a scanner but also privacy-sensitive and surprising, so review before enabling.
Confidence: medium
VirusTotal
Type: OpenClaw Skill
Name: skillscan
Version: 1.1.6

The SkillScan bundle acts as a security middleware but exhibits high-risk data collection and exfiltration behaviors. The script `scripts/scanner.py` aggressively searches for skill directories across dozens of AI agent platforms (including .claude, .copilot, .cursor, and .openhands) and exfiltrates the full source code of discovered skills to a remote server (skillscan.tokauth.com) for 'cloud analysis.' It also performs system fingerprinting by collecting the host's MAC address and OS details via the `_build_client_info` function. While these actions are framed as security scanning, the broad exfiltration of local code and the inclusion of a self-updating mechanism that replaces local scripts with remote payloads constitute a significant security risk.