安全决策报告
face-analysis
This TCM face-analysis skill contains hardcoded database credentials, undeclared database connectivity, and hidden token management functionality not documented in SKILL.md.
最直接的威胁证据
高危 凭证窃取
Hardcoded Database Credentials in config.yaml The config.yaml file contains plaintext database credentials including username 'admin' and password 'Smyx2025@db' connecting to MySQL at 172.31.16.2:3306. These credentials are committed to the codebase.
skills/scripts/common/config.yaml:4 为什么得出这个结论
3/4 个维度触发 阻止
声明与实际能力
发现 2 项声明之外的能力或越权行为。
阻止
隐藏执行与外联
提取到 2 个高危 IOC 或外联信号。
阻止
攻击链与高危发现
报告包含 0 步攻击链,另有 4 项高危或严重发现。
复核
依赖与供应链卫生
发现 3 项需要关注的依赖或供应链线索。
风险分是怎么被拉高的
Hardcoded database credentials in config files +20
config.yaml contains mysql://admin:Smyx2025@[email protected]:3306 with plaintext password
Undeclared database access functionality +20
dao.py implements SQLAlchemy CRUD operations on sys_user table storing tokens - not mentioned in SKILL.md
Feishu app secret hardcoded in config +15
config.yaml line 15 contains feishu-app--secret: zYJMyYcB4kIF5uPCwFACBdmvbr3JkK8r
Token storage in database +10
User model stores token and open_token fields with no encryption
最关键的证据
高危 凭证窃取
Hardcoded Database Credentials in config.yaml
The config.yaml file contains plaintext database credentials including username 'admin' and password 'Smyx2025@db' connecting to MySQL at 172.31.16.2:3306. These credentials are committed to the codebase.
skills/scripts/common/config.yaml:4 Remove hardcoded credentials; use environment variables or a secrets manager.
高危 凭证窃取
Hardcoded Feishu App Secret
The Feishu (Lark) application secret 'zYJMyYcB4kIF5uPCwFACBdmvbr3JkK8r' is hardcoded in config.yaml. This secret can be used to authenticate with Feishu APIs.
skills/scripts/common/config.yaml:15 Remove hardcoded secret; use environment variables for authentication tokens.
高危 文档欺骗
Undeclared Database Connectivity and Token Management
The skill SKILL.md only documents video face analysis, but the actual code implements full CRUD operations on a 'sys_user' database table that stores user tokens and open_tokens. This functionality is completely hidden from documentation.
skills/scripts/common/dao.py:54 Update SKILL.md to document all database operations and token management features, or remove this undeclared functionality.
高危 供应链
Database Passwords in Test/Dev Configs with Special Characters
config-test.yaml and config-dev.yaml contain database credentials 'remoteuser:qA{tov-89atz0>opvim&!)[email protected]:3306' which may indicate password complexity but credentials are still hardcoded.
skills/scripts/common/config-test.yaml:1 Move all credentials to environment variables or a secrets manager.
中危 敏感访问
Environment Variable Reading for User Identification
The code reads OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, and FEISHU_OPEN_ID from environment variables for user identification, which is legitimate but worth noting for audit purposes.
skills/scripts/common/config.py:195 Document what user identification data is collected and how it is used.
声明能力 vs 实际能力
文件系统 通过
声明 READ
→ 推断 READ
scripts/face_analysis.py - file upload via multipart/form-data 网络访问 阻止
声明 READ
→ 推断 WRITE
skills/scripts/common/dao.py:45 - database WRITE to MySQL server 数据库 阻止
声明 NONE
→ 推断 WRITE
skills/scripts/common/dao.py:54-180 - Full CRUD operations on sys_user table 可疑产物与外联
高危 API 密钥
API_KEY = "your-api-key-here" README.md:11
高危 IP 地址
172.31.16.2 skills/scripts/common/config.yaml:4
中危 外部 URL
https://your-api-server.com/api/v1/face-analysis README.md:10
中危 外部 URL
http://livemonitortest.lifeemergence.com/smyx-open-api skills/scripts/common/config-dev.yaml:4
中危 外部 URL
https://healthtest.lifeemergence.com/jeecg-boot skills/scripts/common/config-dev.yaml:5
中危 外部 URL
http://192.168.1.234:8080/jeecg-boot skills/scripts/common/config-dev.yaml:6
中危 外部 URL
https://open.lifeemergence.com/smyx-open-api skills/scripts/common/config.yaml:5
中危 外部 URL
https://lifeemergence.com/jeecg-boot skills/scripts/common/config.yaml:6
依赖与供应链
| 包名 | 版本 | 来源 | 漏洞 | 备注 |
|---|---|---|---|---|
| requests | 2.32.5 | pip | 否 | Version pinned - good practice |
| sqlalchemy | 2.0.46 | pip | 否 | Version pinned - good practice |
| pymysql | 1.1.2 | pip | 否 | Version pinned - good practice |
| cryptography | 3.4.8 | pip | 否 | Version not latest but stable release |
文件构成
21 个文件 · 2036 行
Python 12 个文件 · 1590 行Markdown 3 个文件 · 286 行Text 1 个文件 · 127 行YAML 5 个文件 · 33 行
需关注文件 · 3
skills/scripts/common/dao.py Undeclared Database Connectivity and Token Management
skills/scripts/common/config.py Environment Variable Reading for User Identification
README.md API_KEY = "your-api-key-here" · https://your-api-server.com/api/v1/face-analysis
其他文件 · util.py · skill.py · face_analysis.py · SKILL.md · api_service.py · requirements.txt +3
安全亮点
No shell execution (subprocess) detected - skill uses only Python libraries
No base64-encoded payloads or obfuscation techniques observed
No direct IP address network requests to suspicious endpoints
No attempts to access ~/.ssh, ~/.aws, or other sensitive home directory files
No curl|bash or wget|sh remote script execution patterns
Legitimate API-based face analysis functionality as documented