Low risk: risk score 10/100
Last scan: 20 hours ago
iran-war-tracker
Fetches the latest developments in the Iran war at high frequency, analyses how the situation is evolving and trading leads in risk assets, and generates a structured analysis report on the Iran situation.
Legitimate geopolitical news aggregation and analysis tool; no malicious behavior found. The pre-scan HIGH IOC is a false positive (Chrome version number 146.0.0.0, not an IP). Minor doc-code gap on file write capability.
Skill name: iran-war-tracker
Analysis time: 63.1s
Engine: pi
Verdict: Safe to install
Approve for use. The skill's behavior is consistent with its stated purpose. Consider documenting the filesystem:WRITE capability for output file writing in SKILL.md.

Security findings (3)

Findings are listed as severity, finding, category, description, evidence, recommendation and location.

Severity: Low
Finding: Undeclared filesystem write capability (category: documentation deception)
SKILL.md does not mention that the skill can write output files (markdown/JSON) to disk when --output or --json-output flags are provided. This is a minor gap between documented and actual capabilities.
Evidence: Path(path).write_text(markdown, encoding='utf-8')
Recommendation: Add filesystem:WRITE to declared capabilities in SKILL.md if output file writing is intended as a feature.
Location: scripts/report_writer.py:14

Severity: Low
Finding: Remote Gist content used as LLM context without integrity check (category: supply chain)
The analysis framework is loaded from a remote GitHub Gist (chinfi-codex/b311c4c284c8aa6dae9c833a146a1840) and fed directly to the LLM as context. There is no content hash verification or integrity check before use.
Evidence: response = session.get(FRAMEWORK_GIST_URL, timeout=FRAMEWORK_REMOTE_TIMEOUT)
Recommendation: Consider pinning the Gist content with a known hash, or ensure the Gist owner is trusted and the source is immutable. This is a supply-chain integrity concern for LLM prompt content.
Location: scripts/framework_loader.py:21

Severity: Info
Finding: Model search defaults to localhost fallback (category: sensitive access)
When model-based search is preferred, news_search.py falls back to localhost:53699 and localhost:8080. While the intent is to connect to a local AI search service, this could be a concern in untrusted environments.
Evidence: http://127.0.0.1:53699/search
Recommendation: No immediate action needed. This is a standard pattern for connecting to locally running AI search services.
Location: scripts/news_search.py:77
Permissions (resource type, declared permission, inferred permission, status, evidence):
Filesystem: declared READ, inferred READ,WRITE, status ✓ consistent. Evidence: report_writer.py:14-18 writes files via Path().write_text(); not declared in SKI…
Network access: declared READ, inferred READ, status ✓ consistent. Evidence: news_search.py, cls_feed.py, framework_loader.py, market_data.py all use request…
Command execution: declared NONE, inferred NONE. Evidence: No subprocess/shell execution found. CLI entry via direct Python execution.
Environment variables: declared NONE, inferred READ, status ✓ consistent. Evidence: ai_client.py:3 reads API keys from os.environ; only reads keys explicitly checke…
Pre-scan IOCs: 1 high-risk, 19 findings
High: hardcoded IP address 146.0.0.0 (scripts/cls_feed.py:92)

Directory structure

18 files · 66.8 KB · 1929 lines
Python: 14 files · 1481 lines; Markdown: 2 files · 439 lines; JSON: 1 file · 5 lines; YAML: 1 file · 4 lines
├─ agents
│ └─ openai.yaml (YAML, 4 lines, 1.3 KB)
├─ scripts
│ ├─ __init__.py (Python, 1 line, 43 B)
│ ├─ ai_client.py (Python, 89 lines, 3.2 KB)
│ ├─ cls_feed.py (Python, 382 lines, 13.9 KB)
│ ├─ cls_telegraph.py (Python, 65 lines, 1.9 KB)
│ ├─ config.py (Python, 119 lines, 2.6 KB)
│ ├─ framework_loader.py (Python, 58 lines, 1.7 KB)
│ ├─ iran_tracker.py (Python, 121 lines, 4.8 KB)
│ ├─ market_data.py (Python, 60 lines, 2.1 KB)
│ ├─ news_search.py (Python, 254 lines, 9.1 KB)
│ ├─ normalize.py (Python, 41 lines, 1.2 KB)
│ ├─ prompt_builder.py (Python, 135 lines, 5.8 KB)
│ ├─ report_writer.py (Python, 25 lines, 698 B)
│ ├─ schemas.py (Python, 70 lines, 1.6 KB)
│ └─ time_utils.py (Python, 61 lines, 1.4 KB)
├─ skill.json (JSON, 5 lines, 196 B)
├─ SKILL.md (Markdown, 160 lines, 7.3 KB)
└─ 伊朗局势关键变量与经济影响分析框架.md (Markdown, 279 lines, 7.9 KB)

Dependency analysis (2)

Dependencies are listed as package, version, source, known vulnerabilities and notes.
requests: version *, source pip, known vulnerabilities: (none listed). Notes: Version not pinned; standard library urllib also used as alternative.
pandas: version *, source pip, known vulnerabilities: (none listed). Notes: Version not pinned; used for data processing in cls_feed.py.

Security highlights

✓ No credential harvesting - only reads explicitly checked API keys from environment variables (OPENAI_API_KEY, TAVILY_API_KEY, LLM_API_KEY, OPENCLAW_API_KEY), no iteration over all env vars
✓ No obfuscation - all code is in plain Python, no base64, no eval(), no dynamic code generation
✓ No data exfiltration - all network requests are to legitimate, publicly documented financial data sources (stooq.com, coingecko.com, cls.cn, jin10.com, Tavily API)
✓ No persistence mechanisms - no cron jobs, startup hooks, or backdoor installation
✓ No reverse shell or C2 infrastructure - no suspicious network connections found
✓ No sensitive path access - does not access ~/.ssh, ~/.aws, .env, or similar credential directories
✓ No curl|bash or remote script execution patterns
✓ No malicious dependencies detected in imports - uses only standard/data-processing packages (requests, pandas, urllib)
✓ Pre-scan HIGH IOC is confirmed false positive - 146.0.0.0 is a Chrome browser version number, not an IP address