PYX Scan: AI Agent Skill Safety and Risk Verification - Openclaw Skills

Author: Internet

2026-03-28


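What is PYX Scan?

PYX Scan is a critical security layer for AI environments, designed to assess the security posture of any skill before it is integrated into a workflow. By connecting directly to the PYX Scanner API, the tool provides real-time trust status, risk scores, and detailed safety recommendations. It acts as a proactive gatekeeper for Openclaw Skills, ensuring that users and autonomous agents do not inadvertently deploy malicious or outdated code.

The skill automates the complex process of checking permissions, intent, and historical scan data. It provides structured reports that enable developers to make informed decisions about their toolchain, and it helps maintain a secure and reliable agent ecosystem.

Download: https://github.com/openclaw/skills/tree/main/skills/fysoul17/pyx-scan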

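Installation and Download

1. ClawHub CLI

The fastest way to install the skill directly from source.

npx clawhub@latest install pyx-scan

2. Manual installation

Copy the skill folder to one of the following locations:

Global: ~/.openclaw/skills/
Workspace: /skills/

Priority: workspace > local > built-in

3. Prompt installation

Copy this prompt into OpenClaw to install automatically.

Please help me install pyx-scan using Clawhub. If Clawhub is not yet installed, install it first (npm i -g clawhub).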

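PYX Scan Use Cases

  • Verify the integrity of new skills found in public repositories before installing them.
  • Audit existing Openclaw Skills for outdated versions or newly discovered security vulnerabilities.
  • Create automated security gates in multi-agent systems that require agents to verify tools before executing them.
  • Give immediate answers to users' safety questions, such as "Is this skill safe?" or "Scan this tool".

How PYX Scan Works

  1. Parse the input to identify the repository owner and skill name from the supplied arguments.
  2. Query the PYX Scanner API via WebFetch, or curl as a fallback, to retrieve the latest security data.
  3. Analyze key indicators in the JSON response, such as the trust score, risk score, and current recommendation.
  4. Evaluate the version information to determine whether the skill is outdated or has been modified since the last scan.
  5. Generate a comprehensive Markdown report with a clear verdict (safe, caution, failed, or unscanned) and guide the user on how to proceed.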

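PYX Scan Configuration Guide

To use PYX Scan with your Openclaw Skills, make sure your environment supports WebFetch or has curl installed for API communication. Standard scanning requires no additional API key. Simply pass the target repository in owner/name format.

# Example of an agent triggering a scan
pyx-scan anthropic/web-search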

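PYX Scan Data Schema and Taxonomy

The skill processes and returns security metadata organized into specific categories to ensure transparency and actionable insight.

| Field | Description |
| --- | --- |
| Verdict | Final safety status (SAFE, OUTDATED, CAUTION, FAILED, or UNSCANNED) |
| Trust score | Numeric value (0-10) indicating the overall reliability of the skill |
| Risk score | Numeric value (0-10) indicating the potential threat level, based on code analysis |
| Confidence | The scanner's certainty in the current verdict, as a percentage |
| Permissions | Detailed list of the system or network permissions the skill requests |
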
name: pyx-scan
description: >
  Check whether an AI agent skill is safe before installing or using it.
  Calls the PYX Scanner API to retrieve trust status, risk score, and safety
  recommendation. Use when agent needs to verify skill safety, or user says
  "is this safe", "check skill", "scan skill", "verify tool", "pyx scan".
allowed-tools: WebFetch, Bash(curl *)
argument-hint: "[owner/name]"

PYX Scan — Agent Skill Safety Check

Verify whether an AI agent skill is safe before installing or using it by querying the PYX Scanner API.

Workflow

Step 1: Parse Input

Extract owner and name from $ARGUMENTS.

  • Expected format: owner/name (e.g., anthropic/web-search)
  • If $ARGUMENTS is empty or missing the / separator, ask the user: "Which skill do you want to check? Provide it as owner/name (e.g., anthropic/web-search)."
  • Trim whitespace. Reject if either part is empty after trimming.

Step 2: Call the PYX Scanner API

Fetch the safety data:

WebFetch URL: https://scanner.pyxmate.com/api/v1/check/{owner}/{name}
Prompt: "Return the full JSON response body exactly as-is. Do not summarize."

If WebFetch fails (tool unavailable, network error), fall back to:

curl -s "https://scanner.pyxmate.com/api/v1/check/{owner}/{name}"

Step 3: Handle Errors

| HTTP Status | Meaning | Action |
| --- | --- | --- |
| 200 | Skill found | Proceed to Step 4 |
| 404 | Skill not in database | Verdict = UNSCANNED |
| 429 | Rate limited | Verdict = ERROR — "Rate limited. Try again shortly." |
| 5xx | Server error | Verdict = ERROR — "PYX Scanner is temporarily unavailable." |
| Network failure | Cannot reach API | Verdict = ERROR — "Could not connect to PYX Scanner." |

Step 4: Determine Verdict

Use the JSON response fields to determine the verdict:

| Condition | Verdict |
| --- | --- |
| recommendation == "safe" AND is_outdated == false | SAFE |
| recommendation == "safe" AND is_outdated == true | OUTDATED |
| recommendation == "caution" | CAUTION |
| recommendation == "danger" | FAILED |
| recommendation == "unknown" | UNSCANNED |

Step 5: Output Report

Format the report as structured markdown. Omit any section where the data is null or empty.

For SAFE verdict:

## PYX Scan: {owner}/{name}

**Verdict: SAFE** — This skill has been scanned and verified safe.

**Trust Score:** {trust_score}/10 | **Risk Score:** {risk_score}/10 | **Confidence:** {confidence}%
**Intent:** {intent} | **Status:** {status}

### Summary
{summary}

### About
**Purpose:** {about.purpose}
**Capabilities:** {about.capabilities as bullet list}
**Permissions Required:** {about.permissions_required as bullet list}

[View full report]({detail_url}) | [Badge]({badge_url})

For OUTDATED verdict:

## PYX Scan: {owner}/{name}

**Verdict: OUTDATED** — Last scan was safe, but the skill has been updated since.

The scanned commit (`{scanned_commit}`) no longer matches the latest (`{latest_commit}`).
The new version has NOT been reviewed. Proceed with caution.

**Trust Score:** {trust_score}/10 | **Risk Score:** {risk_score}/10
**Last Safe Commit:** {last_safe_commit}

### Summary
{summary}

[View full report]({detail_url})

For CAUTION verdict:

## PYX Scan: {owner}/{name}

**Verdict: CAUTION** — This skill has potential risks that need your attention.

**Trust Score:** {trust_score}/10 | **Risk Score:** {risk_score}/10 | **Confidence:** {confidence}%
**Intent:** {intent} | **Status:** {status}

### Summary
{summary}

### About
**Purpose:** {about.purpose}
**Permissions Required:** {about.permissions_required as bullet list}
**Security Notes:** {about.security_notes}

**Do you want to proceed despite the caution rating?** Please confirm before installing or using this skill.

[View full report]({detail_url})

For FAILED verdict:

## PYX Scan: {owner}/{name}

**Verdict: FAILED** — This skill has been flagged as dangerous. Do NOT install or use it.

**Trust Score:** {trust_score}/10 | **Risk Score:** {risk_score}/10 | **Confidence:** {confidence}%
**Intent:** {intent} | **Status:** {status}

### Summary
{summary}

### About
**Security Notes:** {about.security_notes}

[View full report]({detail_url})

For UNSCANNED verdict:

## PYX Scan: {owner}/{name}

**Verdict: UNSCANNED** — This skill has not been scanned by PYX Scanner.

No safety data is available. You should:
1. Review the skill's source code manually before use
2. Check the skill's repository for known issues
3. Request a scan at https://scanner.pyxmate.com

For ERROR verdict:

## PYX Scan: {owner}/{name}

**Verdict: ERROR** — {error_message}

Safety could not be verified. Treat this skill as unverified until you can confirm its safety.
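
Steps 1, 3 and 4 of the workflow above as deterministic code, added here as an example and not taken from the skill or from PYX Scanner. The names `parse_target`, `verdict_for` and `PART_RE`, the character-set restriction on owner/name, and the fail-closed handling of cases the tables do not list (with their error strings) are assumptions.

```python
import json
import re

# Assumption (not stated on the page): each part is limited to a conservative
# character set, since it is placed into a URL path and a curl command line.
PART_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")

# Step 4 rows that do not depend on is_outdated.
BY_RECOMMENDATION = {"caution": "CAUTION", "danger": "FAILED", "unknown": "UNSCANNED"}

def parse_target(arguments):
    """Step 1: return (owner, name), or None when the caller must ask the user."""
    owner, sep, name = (arguments or "").strip().partition("/")
    owner, name = owner.strip(), name.strip()
    if not sep or not PART_RE.fullmatch(owner) or not PART_RE.fullmatch(name):
        return None
    return owner, name

def verdict_for(status, body):
    """Steps 3-4: status is the HTTP code, or None for a network failure."""
    if status is None:
        return "ERROR", "Could not connect to PYX Scanner."
    if status == 404:
        return "UNSCANNED", None
    if status == 429:
        return "ERROR", "Rate limited. Try again shortly."
    if 500 <= status <= 599:
        return "ERROR", "PYX Scanner is temporarily unavailable."
    if status != 200:
        return "ERROR", "Unexpected HTTP status."  # assumption: fail closed
    try:
        data = json.loads(body)
        rec, outdated = data.get("recommendation"), data.get("is_outdated")
    except (TypeError, ValueError, AttributeError):
        return "ERROR", "Malformed response."  # assumption: fail closed
    if rec == "safe" and outdated is False:
        return "SAFE", None
    if rec == "safe" and outdated is True:
        return "OUTDATED", None
    if isinstance(rec, str) and rec in BY_RECOMMENDATION:
        return BY_RECOMMENDATION[rec], None
    # Assumption: anything the Step 4 table does not cover stays unverified.
    return "ERROR", "Unrecognized scanner response."

# Constructed responses for illustration, not real PYX Scanner output.
SAMPLES = [(200, '{"recommendation": "safe", "is_outdated": true}'), (404, ""), (None, None)]
if __name__ == "__main__":
    for status, body in SAMPLES:
        print(status, verdict_for(status, body))
```

A "safe" recommendation with a missing or non-boolean is_outdated falls through to ERROR here, so an incomplete response is never reported as SAFE.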

Behavioral Rules

  1. Always call the API — never skip the check or return a cached/assumed result.
  2. Never soften a FAILED verdict — if the scan says danger, report danger. Do not add qualifiers like "but it might be fine."
  3. Always ask user confirmation on CAUTION — the user must explicitly agree before proceeding.
  4. Keep reports concise — omit null/empty sections rather than showing "N/A."
  5. No raw JSON — always format the response as the structured markdown report above.

Self-Scan Awareness

When $ARGUMENTS is pyxmate/pyx-scan, pyxmate/pyx-scanner, or refers to this skill itself, still call the API honestly and report whatever comes back. If the result is UNSCANNED, append:

"Yes, even the security scanner's own skill hasn't been scanned yet. We practice what we preach — treat unscanned skills with caution."