← 返回
未分类 中文

Osop Review

Review .osop/.osoplog for security risks, permission gaps, and destructive commands
审查 .osop/.osoplog 中的安全风险、权限缺陷和破坏性命令
archie0125 archie0125 来源
未分类 clawhub v1.2.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 285
下载
💾 1
安装
1
版本
#latest

概述

OSOP Workflow Reviewer

Review a workflow or execution log for risks and issues.

Target file

$ARGUMENTS

What to do

  1. Read the file specified in the argument (.osop or .osoplog.yaml)
  1. Analyze for risks — check each node for:
    • security.risk_level: high|critical without preceding approval_gate
    • security.permissions containing broad patterns (write:, admin:, delete:*)
    • cli nodes with destructive commands (rm -rf, kubectl delete, terraform destroy, DROP TABLE)
    • Hardcoded secrets (strings starting with sk-, ghp_, xoxb-, API keys)
    • Agent nodes without cost.estimated (unbounded cost exposure)
    • Missing timeout_sec on external call nodes (api, cli, agent, infra, mcp)
    • Missing error handling (no fallback/error edge) on medium+ risk nodes
  1. Compute risk score (0-100):
    • Each node: type_weight risk_multiplier mitigation_factor
    • Type weights: cli=2, infra=2, db=1.5, agent=1.5, docker=1.5, cicd=1.5, api=1, others=0.5-1
    • Risk multiplier: low=1, medium=2, high=4, critical=8
    • Mitigations: approval_gate=-50%, retry_policy=-10%, fallback_edge=-20%
    • Finding penalty: low=+2, medium=+5, high=+10, critical=+20
  1. Present findings in a clear table:

```

Risk Score: XX/100 — VERDICT (safe/caution/warning/danger)

| Severity | Finding | Node | Suggestion |

|----------|---------|------|------------|

| CRITICAL | ... | ... | ... |

```

  1. Summarize:
    • Total permissions required
    • Secrets referenced
    • Estimated cost (if any)
    • Whether approval gates exist
    • Final verdict: is this safe to run?

For .osoplog files

If reviewing an execution log, also check:

  • Which tools were actually used and how many calls
  • Whether any nodes failed and why
  • AI reasoning decisions — were they sound?
  • Sub-agent hierarchy — was the spawning appropriate?
  • Total execution time and cost

版本历史

共 1 个版本

  • v1.2.0 当前
    2026-05-07 14:59 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

ai-agent

Osop

archie0125
面向AI代理的OSOP工作流创作、验证、风险分析与自优化
★ 0 📥 411
it-ops-security

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 90 📥 31,094
it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,672