ai-intelligent-content-generation Security Report — Low Risk | ClawSafe

15 /100

ai-intelligent-content-generation

内容生成，文章生成 + 图片生成

A minimal content generation skill consisting only of documentation with no executable code. The only concern is unpinned pip dependencies in installation instructions.

Skill Nameai-intelligent-content-generation

Duration24.6s

Enginepi

✓

Safe to install

Consider adding version pins to requirements.txt and including actual implementation code for full security audit.

Findings 1 items

Severity	Finding	Location
Low	Unpinned pip dependencies Supply Chain The installation instructions use 'pip install -r requirements.txt' without specifying version constraints, which could allow malicious package updates. `pip install -r requirements.txt` → Use pip install -r requirements.txt with pinned versions (e.g., pip install -r requirements.txt --require-hashes) or include a hash pinned requirements.txt	`SKILL.md:30`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No code files present to analyze
Network	`NONE`	`NONE`	—	No code files present to analyze
Shell	`NONE`	`NONE`	—	No code files present to analyze
Environment	`NONE`	`NONE`	—	No code files present to analyze
Skill Invoke	`NONE`	`NONE`	—	No code files present to analyze
Clipboard	`NONE`	`NONE`	—	No code files present to analyze
Browser	`NONE`	`NONE`	—	No code files present to analyze
Database	`NONE`	`NONE`	—	No code files present to analyze

File Tree

1 files · 970 B · 51 lines

Markdown 1f · 51L

└─ 📝 SKILL.md Markdown 51L · 970 B

Security Positives

✓ No executable code present - only documentation

✓ No base64-encoded commands or obfuscation detected

✓ No credential harvesting or sensitive file access

✓ No network exfiltration or C2 communication

✓ No remote script execution (curl|bash)

✓ No reverse shell or RCE patterns

Scan Report

Findings 1 items

File Tree

Security Positives