secretary-core 安全扫描报告 — 低风险 | ClawSafe

20 /100

secretary-core

智能助理核心技能，支持20轮对话上下文、情感识别、主动提醒、日程管理，集成飞书/钉钉/企业微信

Benign AI assistant skill with clean code but notable doc-to-implementation mismatch - declares multi-platform integration features without corresponding implementation code.

技能名称secretary-core

分析耗时56.4s

引擎pi

✓

可以安装

The skill is safe for use but requires clarification on missing platform integration implementations before production deployment.

安全发现 3 项

严重性	安全发现	位置
低危	Multi-platform integration declared but not implemented 文档欺骗 SKILL.md metadata requires FEISHU_BOT_TOKEN, DINGTALK_BOT_TOKEN, WECHAT_BOT_TOKEN and shows integration examples, but the Python code contains no platform integration modules, no API calls, and never reads environment variables. `requires: { api_keys: [FEISHU_BOT_TOKEN, DINGTALK_BOT_TOKEN, WECHAT_BOT_TOKEN] }` → Either implement the declared platform integrations or remove the API key requirements from metadata	`SKILL.md:13`
低危	File structure mismatch 文档欺骗 SKILL.md documents a complete module structure (platform/, tests/, context_manager.py, emotion_detector.py, etc.) that does not exist in the repository. `├── platform/ │ ├── feishu.py │ ├── dingtalk.py │ └── wechat.py` → Ensure documentation reflects actual file structure or implement missing modules	`SKILL.md:310`
低危	Unpinned dependency version 供应链 requirements.txt specifies 'numpy>=1.20.0' without an upper bound, potentially allowing installation of versions with known vulnerabilities. `numpy>=1.20.0` → Pin to a specific version range (e.g., numpy>=1.20.0,<1.26.0) to prevent automatic upgrade to vulnerable versions	`requirements.txt:1`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	All implementations use in-memory storage only; no file read/write operations
网络访问	`READ (API integrations)`	`NONE`	✗ 越权	SKILL.md declares Feishu/DingTalk/WeChat integrations but no network requests ex…
命令执行	`NONE`	`NONE`	—	No subprocess, os.system, or shell command execution found
环境变量	`READ (API tokens)`	`NONE`	✗ 越权	SKILL.md requires FEISHU_BOT_TOKEN etc. but code never accesses os.environ or an…
技能调用	`NONE`	`NONE`	—	No cross-skill invocation patterns detected
剪贴板	`NONE`	`NONE`	—	No clipboard access found
浏览器	`NONE`	`NONE`	—	No browser automation detected
数据库	`NONE`	`NONE`	—	No database connections found

2 项发现

🔗

中危外部 URL 外部 URL

https://clawhub.com/skill/secretary-core

README.md:205

🔗

中危外部 URL 外部 URL

https://secretary-core.readthedocs.io/

SKILL.md:414

目录结构

12 文件 · 83.6 KB · 2948 行

Python 5f · 1566L Markdown 5f · 1373L JSON 1f · 8L Text 1f · 1L

├─ 📋 clawhub.json JSON 8L · 222 B

├─ 📝 CONTEXT_MANAGER.md Markdown 163L · 3.9 KB

├─ 📝 INTENT_UNDERSTANDING.md Markdown 156L · 3.4 KB

├─ 📝 README.md Markdown 210L · 6.0 KB

├─ 📝 RELEASE-v3.0.0.md Markdown 398L · 8.2 KB

├─ 📄 requirements.txt Text 1L · 14 B

├─ 🔑 secretary_efficiency_v1.py ⚠ Python 292L · 10.1 KB

├─ 🔑 secretary_v1.5.py ⚠ Python 140L · 4.4 KB

├─ 🔑 secretary_v2.1_adaptive.py ⚠ Python 327L · 11.7 KB

├─ 🔑 secretary_v2.py ⚠ Python 257L · 8.3 KB

├─ 🔑 secretary_v3.0.0.py ⚠ Python 550L · 18.3 KB

└─ 📝 SKILL.md Markdown 446L · 9.2 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`numpy`	`>=1.20.0`	pip	否	Version not pinned; only dependency, minimal supply chain risk

安全亮点

✓ No shell execution, subprocess, or system command invocation detected

✓ No credential harvesting or environment variable reading for exfiltration

✓ No network requests to external IPs or C2 infrastructure

✓ No base64 encoding, obfuscation, or anti-analysis techniques

✓ No sensitive file path access (~/.ssh, ~/.aws, .env files)

✓ No reverse shell, C2 communication, or data exfiltration patterns

✓ No hidden functionality in HTML comments or disguised payloads

✓ Clean Python code with standard library usage (json, re, datetime, dataclasses, enum)

✓ All data processing is in-memory with no persistence or file writes

✓ No prompt injection or jailbreak instructions found