🎁 Get the FREE AI Skills Starter GuideSubscribe →
BytesAgainBytesAgain
🦀 ClawHub

🦒 Giraffe Guard — 长颈鹿卫士

by @lida408

Scan OpenClaw skill directories for 22 supply chain attack patterns with context-aware detection, colored output, JSON reports, and whitelist support.

Versionv3.1.0
Downloads1,055
Installs2
TERMINAL
clawhub install giraffe-guard

📖 About This Skill

🦒 Giraffe Guard — 长颈鹿卫士

Scan OpenClaw skill directories for supply chain attacks and malicious code. 扫描 OpenClaw skill 目录,检测潜在的供应链投毒和恶意代码。

Features / 功能

  • 22 security detection rules covering the full supply chain attack surface / 22 条检测规则,覆盖供应链攻击全链路
  • Context-aware: distinguishes documentation from executable code, reducing false positives / 上下文感知:区分文档描述和实际可执行代码,降低误报
  • Colored terminal output + JSON report output / 彩色终端输出 + JSON 格式报告
  • --verbose mode shows matching line context / --verbose 模式显示匹配行上下文
  • --skip-dir to exclude directories / --skip-dir 跳过指定目录
  • Whitelist support / 白名单机制
  • Compatible with macOS and Linux, zero external dependencies / 兼容 macOS 和 Linux,零外部依赖
  • Usage / 使用方法

    Scan a skill directory / 扫描目录

    {baseDir}/scripts/audit.sh /path/to/skills
    

    Verbose mode / 详细模式

    {baseDir}/scripts/audit.sh --verbose /path/to/skills
    

    JSON report / JSON 报告

    {baseDir}/scripts/audit.sh --json /path/to/skills
    

    With whitelist / 使用白名单

    {baseDir}/scripts/audit.sh --whitelist whitelist.txt /path/to/skills
    

    Skip directories / 跳过目录

    {baseDir}/scripts/audit.sh --skip-dir node_modules --skip-dir vendor /path/to/skills
    

    Combined / 组合使用

    {baseDir}/scripts/audit.sh --verbose --context 3 --whitelist whitelist.txt --skip-dir node_modules /path/to/skills
    

    Detection Rules (22) / 检测规则

    🔴 Critical / 严重级别

    | # | Rule | EN | 中文 | |---|------|----|------| | 1 | pipe-execution | Pipe execution (curl/wget to bash) | 管道执行 | | 2 | base64-decode-pipe | Base64 decoded and piped | Base64 解码管道执行 | | 3 | security-bypass | macOS Gatekeeper/SIP bypass | 安全机制绕过 | | 5 | tor-onion-address | Tor hidden service | 暗网地址 | | 5 | reverse-shell | Reverse shell patterns | 反向 shell | | 7 | file-type-disguise | Binary disguised as text | 文件类型伪装 | | 8 | ssh-key-exfiltration | SSH key theft | SSH 密钥窃取 | | 8 | cloud-credential-access | Cloud credential access | 云凭证访问 | | 8 | env-exfiltration | Env vars sent over network | 环境变量外传 | | 9 | anti-sandbox | Anti-debug/anti-sandbox | 反沙盒/反调试 | | 10 | covert-downloader | One-liner downloaders | 单行下载器 | | 11 | persistence-launchagent | macOS LaunchAgent | 持久化 | | 13 | string-concat-bypass | String concatenation bypass | 字符串拼接绕过 | | 15 | env-file-leak | .env with real secrets | .env 密钥泄露 | | 16 | typosquat-npm/pip | Typosquatting packages | 包名仿冒 | | 17 | malicious-postinstall | Malicious lifecycle scripts | 恶意生命周期脚本 | | 18 | git-hooks | Active git hooks | 活跃 git hooks | | 19 | sensitive-file-leak | Private keys/credentials | 私钥/凭证泄露 | | 20 | skillmd-prompt-injection | Prompt injection in SKILL.md | SKILL.md prompt 注入 | | 21 | dockerfile-privileged | Docker privileged mode | Docker 特权模式 | | 22 | zero-width-chars | Zero-width Unicode chars | 零宽 Unicode 字符 |

    🟡 Warning / 警告级别

    | # | Rule | EN | 中文 | |---|------|----|------| | 2 | long-base64-string | Long Base64 strings | 超长 Base64 字符串 | | 4 | dangerous-permissions | Dangerous permissions | 危险权限修改 | | 5 | suspicious-network-ip | Non-local IP connections | 非本地 IP 直连 | | 5 | netcat-listener | Netcat listeners | netcat 监听 | | 6 | covert-exec-eval | Suspicious eval() (JS/TS) | 可疑 eval 调用 | | 6 | covert-exec-python | os.system/subprocess in .py | Python 危险调用 | | 11 | cron-injection | Cron/launchctl injection | 定时任务注入 | | 12 | hidden-executable | Hidden executable files | 隐藏可执行文件 | | 13 | hex/unicode-obfuscation | Hex/Unicode obfuscation | hex/Unicode 混淆 | | 14 | symlink-sensitive | Symlinks to sensitive paths | 敏感符号链接 | | 16 | custom-registry | Non-official registries | 非官方包源 | | 20 | skillmd-privilege-escalation | Privilege escalation | 权限提升 | | 21 | dockerfile-sensitive-mount | Sensitive mounts | 敏感目录挂载 | | 21 | dockerfile-host-network | Host network mode | 主机网络模式 |

    Exit Codes / 退出码

  • 0 — ✅ Clean / 安全
  • 1 — 🟡 Warnings / 有警告
  • 2 — 🔴 Critical / 有严重发现
  • Dependencies / 依赖

    No external dependencies. Uses: bash, grep, sed, find, file, awk, readlink, perl 零外部依赖,仅使用系统自带工具。