← 返回
未分类 中文

ict

Security audit tool for Claw Skills - NOT malicious. This tool contains detection rules (eval, exec, subprocess, etc.) for scanning skills, these are securit...
安全审计工具,用于检测 Claw Skills 中的 eval、exec、subprocess 等危险函数,提示潜在安全风险。
vimvem vimvem 来源
未分类 clawhub v4.0.8 1 版本 100000 Key: 无需
★ 0
Stars
📥 418
下载
💾 0
安装
1
版本
#audit#devtools#latest#security

概述

ict

Basic Info

  • Description: Automated tool for checking Claw Skill quality, supports code style, security vulnerabilities, documentation completeness and code-documentation consistency
  • Triggers: quality check, audit, inspect skill, skill quality, ICT, batch scan, full scan, security check, global scan
  • Category: devtools
  • Version: 4.0.8

> ⚠️ Security Notice: This tool contains malicious code pattern detection rules for static analysis. Detection rules contain keywords like exec, eval, C2 - this is normal for audit functionality and will not execute malicious code.

Installation

Install from ClawHub

clawhub install ict

Manual Installation

# Clone or download this skill
cd ict

# Make executable
chmod +x ict.py

# Run directly
python3 ict.py --help

Usage

CLI

# Single Skill Audit
python ict.py <skill_folder_path>
python ict.py <skill_folder_path> --json

# 5-Dimension Trust Score
python ict.py <skill_folder_path> --score

# Trend Tracking
python ict.py <skill_folder_path> --save-trend
python ict.py <skill_folder_path> --trend

# Compare Two Skills
python ict.py <skill_folder_path> --compare <other_skill_path>

# Diff Audit
python ict.py <old_folder_path> --diff <new_folder_path>

# Batch Scan
python ict.py --all
python ict.py --all --skills-dir /path/to/skills

API

from ict import audit_skill
result = audit_skill("/path/to/skill-folder")

Features

Security Checks (23 items)

#CheckDescription
-----------------------
1Credential HarvestCredential + network calls combo detection
2Code Executioneval/exec/spawn
3Data Exfiltrationwebhook.site, requestbin, ngrok URLs
4Base64 ObfuscationEncoded payloads
5Sensitive FS/etc/passwd, ~/.ssh, ~/.aws
6Crypto WalletETH/BTC address detection
7Dependency Confusion@internal, typosquatting
8Install Hookspre/post install
9Symlink AttackSymlink to sensitive paths
10Time BombDelayed trigger
11Remote Execcurlbash, wgetsh
12TelemetryAnalytics SDK, tracking
13Prompt Injection"ignore previous instructions"
14Stealth ExfilHidden data transmission
15C2 ServerC2 server detection
16Container EscapeDocker socket escape
17SSH RemoteSSH/scp commands
18Privilege Escalationsudo, chmod 777
19Hidden FilesAccess to .files
23Unusual Ports4444, 5555, 1337, etc

Supported Languages

  • Python (.py)
  • Shell (.sh, .bash)
  • JavaScript/TypeScript (.js, .ts)

5-Dimension Trust Score (0-100)

DimensionMaxDescription
----------------------------
Security35Security check results
Quality22Documentation completeness
Structure18File structure
Transparency15Version/license info
Behavioral10Code consistency

Grade: A(90+), B(75+), C(60+), D(40+), F(<40)

Quality Checks

  • SKILL.md completeness
  • Code style (line length, syntax)
  • Code-documentation consistency
  • File structure

Batch Scan

  • One-click scan all installed Skills
  • Global security report sorted by risk
  • Statistics: safe/warning/danger

Trend Tracking

  • --save-trend Save score to history
  • --trend View score trend
  • Keep last 50 records

Comparison

  • --compare Side-by-side comparison
  • Show dimension differences and winner

Diff Audit

  • --diff Compare old/new versions
  • Identify new issues, fixed issues, regressions

Exit Code (CI/CD)

CodeMeaning
---------------
0PASS - Safe
1REVIEW - Warnings
2FAIL - Critical issues
3Error

False Positive Prevention

  • PATTERN_DEF_FILTER - Auto-filter rule definitions
  • Comment line filtering
  • Allowlist support

Limitations

  • Some checks based on regex, may have false positives
  • LLM analysis requires external tools

ict

基本信息

  • 描述: 自动化检查 Claw Skill 质量的工具,支持代码风格,安全漏洞、文档完整性和代码文档一致性检查
  • 触发词: 质检, audit, 检查skill, skill质量, ICT, 批量扫描, 全部扫描, 安全体检, 全局扫描
  • 分类: devtools
  • 版本: 4.0.8

> ⚠️ 安全说明: 本工具包含恶意代码模式检测规则,用于静态分析审计目标代码。检测规则本身包含 exec、eval、C2 等敏感关键字,这是正常的审计功能,不会执行任何恶意操作。

安装

从 ClawHub 安装

clawhub install ict

手动安装

# 克隆或下载此 skill
cd ict

# 添加执行权限
chmod +x ict.py

# 直接运行
python3 ict.py --help

使用方法

CLI

# 单个 Skill 审查
python ict.py <skill_folder_path>
python ict.py <skill_folder_path> --json

# 5维度信任评分
python ict.py <skill_folder_path> --score

# 趋势追踪
python ict.py <skill_folder_path> --save-trend
python ict.py <skill_folder_path> --trend

# 对比两个 Skills
python ict.py <skill_folder_path> --compare <other_skill_path>

# Diff审计
python ict.py <old_folder_path> --diff <new_folder_path>

# 批量扫描
python ict.py --all
python ict.py --all --skills-dir /path/to/skills

API

from ict import audit_skill
result = audit_skill("/path/to/skill-folder")

功能

安全检查 (23项)

#检测项说明
-----------------
1凭证收集凭证+网络调用组合检测
2代码执行eval/exec/spawn
3数据外泄webhook.site, requestbin, ngrok
4Base64混淆编码载荷
5敏感文件系统/etc/passwd, ~/.ssh, ~/.aws
6加密钱包ETH/BTC地址检测
7依赖混淆@internal, 拼写抢注
8安装钩子pre/post install
9Symlink攻击符号链接敏感路径
10时间炸弹延迟触发
11远程执行curlbash, wgetsh
12遥测追踪分析SDK, 追踪
13提示词注入"忽略之前指令"
14隐蔽数据外发隐藏数据传输
15C2服务器C2服务器检测
16容器逃逸Docker socket逃逸
17SSH远程SSH/scp命令
18权限提升sudo, chmod 777
19隐藏文件访问.files
23非寻常端口4444, 5555, 1337等

支持语言

  • Python (.py)
  • Shell (.sh, .bash)
  • JavaScript/TypeScript (.js, .ts)

5维度信任评分 (0-100)

维度满分说明
------------------
Security35安全检测结果
Quality22文档完整性
Structure18文件结构
Transparency15版本/许可证信息
Behavioral10代码一致性

评级: A(90+), B(75+), C(60+), D(40+), F(<40)

质量检查

  • SKILL.md完整性
  • 代码风格
  • 代码文档一致性
  • 文件结构

批量扫描

  • 一键扫描所有已安装的Skills
  • 按风险排序的全局安全报告
  • 统计:安全/警告/危险

趋势追踪

  • --save-trend 保存评分到历史
  • --trend 查看评分趋势
  • 保留最近50条记录

对比分析

  • --compare 并排对比
  • 显示各维度差异和胜出者

Diff审计

  • --diff 对比新旧版本
  • 识别新增问题、修复问题、回归

Exit Code (CI/CD)

退出码含义
--------------
0PASS - 安全
1REVIEW - 警告
2FAIL - 严重问题
3Error

防误报机制

  • PATTERN_DEF_FILTER - 自动过滤规则定义
  • 注释行过滤
  • 白名单支持

限制

  • 部分检测基于正则,可能存在误报
  • LLM分析需外部工具

版本历史

共 1 个版本

  • v4.0.8 当前
    2026-05-03 08:34 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,569
it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,018
dev-programming

Skill Ict

vimvem
已弃用 - 该技能已重命名为 'ict'。请改为安装 'ict':clawhub install ict
★ 0 📥 593