Suspicious — Risk Score 42/100
Last scan: 2 days ago
youdaonote
All-in-one Youdao Cloud Notes tool: note management, to-do management, web clipping
Skill implements a legitimate Youdao Cloud Notes CLI wrapper but documents a dangerous curl|bash installation pattern without adequate warnings, presenting moderate risk despite official source restrictions.
Skill Name: youdaonote
Duration: 60.5s
Engine: pi
Use with caution
Replace curl|bash with safer alternatives (manual download + verify + execute) or explicitly warn users about the inherent risks of piping remote scripts to bash. Consider adding allowed-tools declaration to SKILL.md frontmatter.

Findings (3 items)

Severity: Medium
Finding: Dangerous curl|bash installation pattern documented
Line 134 presents `curl -fsSL https://artifact.lx.netease.com/download/youdaonote-cli/install.sh | bash` as the official installation method. While it is restricted to the official source and is user-executed (not agent self-execution), the curl|bash anti-pattern is inherently dangerous because it bypasses script review.
Evidence: curl -fsSL https://artifact.lx.netease.com/download/youdaonote-cli/install.sh | bash -s -- -f -b ~/.local/bin
→ Replace with a safer pattern: 1) download to a file, 2) the user reviews the content, 3) the user executes with confirmation. Or add a prominent warning: '⚠️ SECURITY WARNING: This command downloads and executes a script from the internet. Only proceed if you trust the source.'
Location: SKILL.md:134
Severity: Low
Finding: Missing allowed-tools declaration in frontmatter
The SKILL.md frontmatter lacks an allowed-tools declaration. The skill implicitly requires Bash access (shell:WRITE) to execute youdaonote CLI commands, but this is not formally declared.
Evidence:
    ---
    name: youdaonote
    description: "..."
    official: true
    version: 1.0.3
    minCliVersion: "1.2.0"
    ---
→ Add to the frontmatter: `allowedTools: ["Bash"]` to formally declare the shell:WRITE capability requirement.
Location: SKILL.md:1
Severity: Low
Finding: Late and understated security guidance
The security guidance '建议用户在执行前确认命令来源可信' ("users are advised to confirm that the command source is trustworthy before executing") appears only in the Windows section and is not prominently displayed near the curl|bash command for macOS/Linux.
Evidence: 建议用户在执行前确认命令来源可信;如对管道执行有顾虑,可先下载脚本后本地查看再执行
("Users are advised to confirm that the command source is trustworthy before executing; if you have concerns about piped execution, you can download the script first, review it locally, and then execute it.")
→ Move the warning to a prominent position before the installation commands, with stronger language and visual emphasis.
Location: SKILL.md:128
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | NONE | WRITE | ✓ Aligned | SKILL.md:46-48, 134 - Uses Bash commands (youdaonote CLI invocations) implying s… |
| Network | NONE | READ | ✓ Aligned | SKILL.md:134,140-141 - Downloads from official artifact.lx.netease.com; API call… |
| Filesystem | NONE | READ | ✓ Aligned | SKILL.md:46-48 - Uses --file flag for large content transfer (note.json, content… |
Pattern matches: 5 findings (1 Critical)

- Critical: Dangerous shell command (SKILL.md:134)
  curl -fsSL https://artifact.lx.netease.com/download/youdaonote-cli/install.sh | bash
- Medium: External URL (SKILL.md:17)
  https://mopen.163.com
- Medium: External URL (SKILL.md:126)
  https://artifact.lx.netease.com/download/youdaonote-cli/install.sh
- Medium: External URL (SKILL.md:140)
  https://artifact.lx.netease.com/download/youdaonote-cli/youdaonote-cli-windows-x64.tar.gz
- Medium: External URL (SKILL.md:141)
  https://artifact.lx.netease.com/download/youdaonote-cli/youdaonote-cli-windows-arm64.tar.gz

File Tree

1 file · 8.8 KB · 160 lines (Markdown: 1 file, 160 lines)
└─ SKILL.md (Markdown, 160 lines, 8.8 KB)

Security Positives

✓ Skill restricts installation to single official source (artifact.lx.netease.com) with explicit prohibition of alternatives
✓ Agent does not self-execute installation; user manually runs commands as documented
✓ No credential harvesting or exfiltration - API key is stored locally via official CLI config
✓ No base64 encoding, eval(), or other code obfuscation patterns
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No reverse shell, C2 communication, or data theft indicators
✓ All network access is to official NetEase servers for legitimate service functionality
✓ Clear documentation of CLI capabilities and proper error handling for missing dependencies