Scan Report
5 /100
historical-guide
博物馆讲解器升级版:召唤李白、苏轼、孔子等历史人物讲解文物
This is a legitimate museum guide AI skill that summons historical figures to narrate about artifacts. All functionality is documented, no malicious behavior detected.
Safe to install
This skill is safe to use. Ensure API keys are properly secured and not committed to version control.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | scripts/character_loader.py:27-33 - reads persona JSON files from references/ |
| Network | READ | READ | ✓ Aligned | scripts/tour_guide.py:98-107 - makes HTTP POST requests to configured LLM API |
| Shell | WRITE | WRITE | ✓ Aligned | scripts/tour_guide.py:280-285 - subprocess.run() for persona_generator.py; docum… |
1 findings
Medium External URL 外部 URL
https://api.example.com/v1/chat/completions SKILL.md:45 File Tree
10 files · 47.4 KB · 1414 lines Python 7f · 1082L
Markdown 1f · 316L
JSON 2f · 16L
├─
▾
scripts
│ ├─
api_config.py
Python
│ ├─
character_loader.py
Python
│ ├─
config.json
⚠
JSON
│ ├─
persona_generator.py
Python
│ ├─
relic_presenter.py
Python
│ ├─
session_manager.py
Python
│ ├─
tour_guide.py
Python
│ └─
utils.py
Python
├─
_meta.json
JSON
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
requests | * | pip | No | Version not pinned; standard HTTP library for LLM API calls |
Security Positives
✓ No credential harvesting or exfiltration detected
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No base64-encoded shell commands
✓ No eval() with decoded content
✓ No remote script execution (curl|bash, wget|sh)
✓ API keys stored in environment or local config.json (empty by default)
✓ subprocess usage is documented and necessary for dynamic persona generation
✓ No hidden functionality - all features declared in SKILL.md
✓ No data exfiltration or suspicious network activity
✓ Simple dependency: only 'requests' library used for API calls