中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 20/100
Last scan:20 hr ago Rescan
20 /100
landing-page-angle-tester
针对同一产品生成多种 landing page 叙事角度,并标注适配人群和证据要求
A legitimate landing-page copywriting skill with mostly clean code; a minor doc-to-code mismatch exists where filesystem WRITE via script output is not declared in SKILL.md frontmatter.
Skill Namelanding-page-angle-tester
Duration44.4s
Enginepi
Safe to install
Add filesystem:WRITE to SKILL.md frontmatter's allowed-tools mapping since scripts/run.py writes output files. Otherwise the skill is safe and suitable for use.

Findings 3 items

Severity Finding Location
Low
Undeclared filesystem WRITE capability Doc Mismatch
scripts/run.py accepts --output to write rendered reports to user-specified paths (line 262: output_path.write_text). This is filesystem WRITE but is not declared in SKILL.md frontmatter allowed-tools. The behavior is documented in README.md but not in the machine-readable metadata.
output_path.write_text(rendered, encoding="utf-8")
→ Add 'filesystem:WRITE' to SKILL.md frontmatter allowed-tools mapping to match the script's --output functionality.
 scripts/run.py:262
Low
Shell execution referenced in body but not frontmatter Doc Mismatch
SKILL.md line 31 states '如运行环境允许 shell / exec,可使用 python3 scripts/run.py', yet the frontmatter allowed-tools does not declare shell:WRITE. This is a doc-to-metadata mismatch.
python3 "{baseDir}/scripts/run.py" --input <输入文件> --output <输出文件>
→ Add shell:WRITE to the frontmatter allowed-tools mapping if shell execution is a supported execution path.
 SKILL.md:31
Info
Credential-pattern scanning in pattern_audit mode Sensitive Access
run.py defines PATTERNS dict including 'secret_like' regex to detect API keys and tokens. This is a security-audit feature (not exfiltration) that reads files looking for leaked secrets. The behavior is benign but accesses file content for pattern matching.
"secret_like": r"(api[_-]?key|token|secret|password)\s*[:=]\s*['\"]?[A-Za-z0-9_\-]{8,}"
→ This is legitimate defensive scanning. No action needed; it matches the skill_audit mode documented in spec.json.
 scripts/run.py:150
ResourceDeclaredInferredStatusEvidence
Filesystem NONE WRITE ✗ Violation scripts/run.py:262 — output_path.write_text(rendered)
Shell NONE WRITE ✗ Violation SKILL.md:31 — '如运行环境允许 shell / exec,可使用 python3 scripts/run.py ...'
Network NONE NONE No network calls in run.py; only file I/O and regex scanning
Environment NONE NONE run.py imports os but only for Path operations; no os.environ iteration
Skill Invoke NONE NONE No inter-skill invocation
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database NONE NONE No database access
1 findings
🔗
Medium External URL 外部 URL
https://example.invalid/skills/landing-page-angle-tester
SKILL.md:6

File Tree

9 files · 20.6 KB · 561 lines
Python 1f · 282L Markdown 7f · 243L JSON 1f · 36L
├─ 📁 examples
│ ├─ 📝 example-input.md Markdown 18L · 613 B
│ └─ 📝 example-output.md Markdown 24L · 616 B
├─ 📁 resources
│ ├─ 📋 spec.json JSON 36L · 913 B
│ └─ 📝 template.md Markdown 23L · 904 B
├─ 📁 scripts
│ └─ 🐍 run.py Python 282L · 11.1 KB
├─ 📁 tests
│ └─ 📝 smoke-test.md Markdown 34L · 888 B
├─ 📝 README.md Markdown 70L · 2.2 KB
├─ 📝 SELF_CHECK.md Markdown 19L · 1.1 KB
└─ 📝 SKILL.md Markdown 55L · 2.3 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
python3 (stdlib only) any stdlib No No third-party packages — uses only Python standard library (argparse, csv, json, os, re, sys, pathlib, collections)

Security Positives

✓ No external network requests or C2 communication detected
✓ No base64-encoded execution, eval(), or obfuscation present
✓ No curl|bash or wget|sh remote script execution
✓ No credential harvesting or exfiltration — PATTERNS are for scanning, not stealing
✓ No hidden HTML content or prompt injection detected
✓ No unauthorized access to ~/.ssh, ~/.aws, .env, or other sensitive paths
✓ Python standard library only — no third-party dependencies
✓ Script is well-structured with proper argument parsing and error handling
✓ Intentions clearly documented: read-only by default, explicit dry-run support
✓ SELF_CHECK.md self-assessment correctly identifies the skill's safe nature