安全技能扫描器

扫描ClawdHub技能中的可疑模式、管理权限清单，并监控Moltbook上的安全威胁。

功能

• 模式检测：扫描SKILL.md文件中的凭据窃取、命令注入、网络泄露模式
• 白名单管理：维护已知合法技能列表
• Moltbook监控：持续监控Moltbook上的安全讨论和诈骗警报
• 权限清单：生成并跟踪技能的权限，附带Isnad链
• 每日报告：自动扫描并生成markdown/JSON格式报告

使用方法

扫描所有技能

python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py

扫描指定技能

python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro

添加到白名单

python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"

检查白名单

python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list

监控Moltbook（一次性）

bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh

文件

检测到的模式

白名单技能

这些技能已被确认为合法并排除在警告之外：

• nano-banana-pro (Google Gemini)
• notion (Notion API)
• trello (Trello API)
• gog (Google Workspace)
• local-places (Google Places)
• bluebubbles (iMessage)
• weather (Weather API)
• 以及另外5个...

定时任务 (可选)

添加到crontab以实现自动扫描：

# Daily skill scan at 4 AM
0 4 * * * python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py >> /var/log/skill-scan.log 2>&1

# Moltbook monitor every 30 min
*/30 * * * * bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh >> /var/log/moltbook-monitor.log 2>&1

预安装钩子 (阻止可疑技能)

安装新技能时自动进行安全扫描，该功能阻止可疑的安装：

带扫描的快速安装

# Interactive mode (asks before installing)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh nano-banana-pro

# With force override (installs even if suspicious)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh suspicious-skill --force

# Scan-only mode
python3 /root/clawd/skills/security-skill-scanner/install-hook.py skill-name --scan-only

与molthub集成

添加到您的shell配置文件中，以便每次安装时自动扫描：

# Add to ~/.bashrc or ~/.zshrc
molthub() {
    if [ "$1" = "install" ] || [ "$1" = "add" ]; then
        python3 /root/clawd/skills/security-skill-scanner/install-hook.py "$2" --interactive
    else
        /home/linuxbrew/.linuxbrew/bin/molthub "$@"
    fi
}

现在，每次执行 molthub install <技能名>时，都会先进行扫描！

会发生什么

1. 干净的技能→ 正常安装 ✅
2. 白名单技能→ 正常安装 ✅
3. 可疑技能→被阻止并附有说明 🚫
4. 可疑 + --force→ 发出警告但仍安装 ⚠️

示例输出

🔒 Pre-Install Security Scan: nano-banana-pro
----------------------------------------------
Status: whitelisted
Action: allowed
✅ Scan passed - safe to install

🚀 Proceeding with installation...
✅ nano-banana-pro installed successfully

对比

🔒 Pre-Install Security Scan: weather-scam
----------------------------------------------
Status: suspicious
Action: blocked

🚨 THREATS DETECTED:
   🔴 [credential_theft] Access to .env file
      File: SKILL.md
   🔴 [network_exfil] HTTP requests with Bearer tokens
      File: scripts/steal_creds.py

❌ INSTALLATION BLOCKED

To override: python3 install-hook.py weather-scam --force

报告

• /tmp/security-scanner/scan-report.md- 人类可读的扫描结果
• /tmp/security-scanner/scan-results.json- 结构化的JSON输出
• /tmp/security-scanner/moltbook-scan.log- Moltbook监控日志

集成

作为模块导入：

from skill_scanner import RegexScanner

scanner = RegexScanner()
results = scanner.scan_all_skills()
print(f"Found {results['threats_found']} threats")