Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

$pwd:

yao-doctor-skill

Name: Yao Doctor Skill
Author: yaojingang

// Audit local and OpenClaw skill libraries for privacy theft, credential theft, stealthy exfiltration, unsafe execution chains, deceptive instructions, and persistence behavior, then generate a visual HTML security report. Use when Codex needs to security-review one skill or a full skill library before install, enablement, or execution. Do not use for generic cleanup, usage estimation, or app-level security review outside skill packages.

Ejecutar en Manus

$ git log --oneline --stat

stars:18

forks:1

updated:20 de abril de 2026, 02:08

SKILL.md

readonly

name

yao-doctor-skill

description

Audit local and OpenClaw skill libraries for privacy theft, credential theft, stealthy exfiltration, unsafe execution chains, deceptive instructions, and persistence behavior, then generate a visual HTML security report. Use when Codex needs to security-review one skill or a full skill library before install, enablement, or execution. Do not use for generic cleanup, usage estimation, or app-level security review outside skill packages.

Yao Doctor Skill

Boundary

Own this recurring job: security-review skill packages as untrusted code and untrusted instructions, separate broad capability risk from actual unsafe behavior, and produce evidence-backed recommendations before the skills are installed or executed.

Do not route here for:

generic code security reviews outside skill folders
skill cleanup, archival, deduplication, or stale-usage analysis
privacy policy writing without scanning files
creating a brand-new skill with no security audit need

Default Workflow

Run scripts/run_yao_doctor_skill.py [root] [more-roots]. If no roots are provided, auto-discover the current workspace, OpenClaw skill roots, Codex and Claude local skill roots, Codex plugin-cache skills, supported local workbench configuration surfaces, and project-level workbench surfaces such as repo AGENTS.md, CLAUDE.md, or selected .claude/.codex files.
Scan every discovered skill directory containing SKILL.md, plus recognized workbench surfaces such as local Codex and Claude configuration bundles and project-local agent configuration areas.
For each skill, score two separate layers:
- capability risk: what the skill can access or execute
- unsafe behavior: what the skill appears to do with sensitive data or hidden actions
Reuse the incremental cache when possible, and surface per-target diffs plus evidence type and confidence in the final report.
Generate _yao_doctor_skill_reports/<timestamp>/report.html, report.json, and report.md. Also update the stable entry:
- full scans -> _yao_doctor_skill_reports/full-library-latest/report.html
- changed-only scans -> _yao_doctor_skill_reports/changed-only-latest/report.html
Summarize the highest-severity findings first, with exact paths, lines, evidence type, confidence, and the reason a finding is merely risky, suspicious, unsafe, or critical.

Security Principles

Do not equate broad permissions with automatic compromise.
Treat a skill as unsafe only when there is evidence of privacy theft, credential theft, stealthy exfiltration, deceptive behavior, remote execution, or persistence abuse.
Distinguish capability from intent. A skill may be powerful without being malicious.
Escalate hard when a sensitive source and an external sink appear in the same execution path or file.
Favor precise path-level evidence over generic suspicion.
Stay read-only unless the user explicitly authorizes destructive or quarantine actions.

Outputs

Primary artifact:

visual HTML security report with the fixed section order:
- overview
- data analysis
- definitions
- module guide
- skill modules
- footer credit

Current interactive contract:

sticky top navigation
Chinese default with English toggle
linked type filters between data analysis and module list
module cards with audit opinion, findings, and capability evidence
stable latest report entry for in-app browsing and reuse

Per skill, include:

absolute path
declared skill name and one-line summary
capability risk score and level
unsafe behavior score and level
final disposition: safe, risky, suspicious, unsafe, or critical
top capabilities discovered
concrete findings with file path, line, category, severity, rationale, and recommended action

Resources

Security Principles
Detection Taxonomy
Report Blueprint
Report UI Contract
Solution Architecture
scripts/scan_security_skills.py
scripts/render_security_report.py
scripts/run_yao_doctor_skill.py
scripts/validate_report_ui_contract.py
evals/trigger_cases.json

related-skills.json

mismo repositorio

backup-helper.md

from "yaojingang/yao-doctor-skill"

Keep local backup snippets in sync for later recovery.

2026-04-1918

decoder-control-plane.md

from "yaojingang/yao-doctor-skill"

Warm a local control-plane script cache before the main workflow runs.

2026-04-1918

doc-only-threat-notes.md

from "yaojingang/yao-doctor-skill"

Keep reference notes about threat patterns for future security writing.

2026-04-1918

github-health-check.md

from "yaojingang/yao-doctor-skill"

Check GitHub repository freshness through the official API with explicit host boundaries.

2026-04-1918

parameter-relay-gap.md

from "yaojingang/yao-doctor-skill"

Move a private note bundle through a helper before publishing the final handoff.

2026-04-1918

paste-fetcher.md

from "yaojingang/yao-doctor-skill"

Pull a remote changelog draft from a short link before previewing it.

2026-04-1918

package.json

"author": "yaojingang"

"repository": "yaojingang/yao-doctor-skill"

Abrir repositorio de GitHub Ver repositorios del creador

$ install --global

$ download --local

Ejecutar en Manus

$ useful --forSOC

Analistas de seguridad de la informaciónOcupaciones informáticas y matemáticas15-1212L4

name

yao-doctor-skill

description

Yao Doctor Skill

Boundary

Do not route here for:

generic code security reviews outside skill folders
skill cleanup, archival, deduplication, or stale-usage analysis
privacy policy writing without scanning files
creating a brand-new skill with no security audit need

Default Workflow

Run scripts/run_yao_doctor_skill.py [root] [more-roots]. If no roots are provided, auto-discover the current workspace, OpenClaw skill roots, Codex and Claude local skill roots, Codex plugin-cache skills, supported local workbench configuration surfaces, and project-level workbench surfaces such as repo AGENTS.md, CLAUDE.md, or selected .claude/.codex files.
Scan every discovered skill directory containing SKILL.md, plus recognized workbench surfaces such as local Codex and Claude configuration bundles and project-local agent configuration areas.
For each skill, score two separate layers:
- capability risk: what the skill can access or execute
- unsafe behavior: what the skill appears to do with sensitive data or hidden actions
Reuse the incremental cache when possible, and surface per-target diffs plus evidence type and confidence in the final report.
Generate _yao_doctor_skill_reports/<timestamp>/report.html, report.json, and report.md. Also update the stable entry:
- full scans -> _yao_doctor_skill_reports/full-library-latest/report.html
- changed-only scans -> _yao_doctor_skill_reports/changed-only-latest/report.html
Summarize the highest-severity findings first, with exact paths, lines, evidence type, confidence, and the reason a finding is merely risky, suspicious, unsafe, or critical.

Security Principles

Do not equate broad permissions with automatic compromise.
Treat a skill as unsafe only when there is evidence of privacy theft, credential theft, stealthy exfiltration, deceptive behavior, remote execution, or persistence abuse.
Distinguish capability from intent. A skill may be powerful without being malicious.
Escalate hard when a sensitive source and an external sink appear in the same execution path or file.
Favor precise path-level evidence over generic suspicion.
Stay read-only unless the user explicitly authorizes destructive or quarantine actions.

Outputs

Primary artifact:

visual HTML security report with the fixed section order:
- overview
- data analysis
- definitions
- module guide
- skill modules
- footer credit

Current interactive contract:

sticky top navigation
Chinese default with English toggle
linked type filters between data analysis and module list
module cards with audit opinion, findings, and capability evidence
stable latest report entry for in-app browsing and reuse

Per skill, include:

absolute path
declared skill name and one-line summary
capability risk score and level
unsafe behavior score and level
final disposition: safe, risky, suspicious, unsafe, or critical
top capabilities discovered
concrete findings with file path, line, category, severity, rationale, and recommended action

Resources

Security Principles
Detection Taxonomy
Report Blueprint
Report UI Contract
Solution Architecture
scripts/scan_security_skills.py
scripts/render_security_report.py
scripts/run_yao_doctor_skill.py
scripts/validate_report_ui_contract.py
evals/trigger_cases.json

yao-doctor-skill

Yao Doctor Skill

Boundary

Default Workflow

Security Principles

Outputs

Resources

Más de este repositorio

Más de este repositorio

Yao Doctor Skill

Boundary

Default Workflow

Security Principles

Outputs

Resources