扫描报告
5 /100
anatomy-quiz-master
Interactive anatomy quiz generator for medical education with multiple question types, difficulty levels, and anatomical regions
Anatomy education tool with straightforward quiz generation functionality; no malicious patterns detected. The declared Bash tool is unused in the actual implementation, but presents no risk as the script uses only standard library.
可以安装
Skill is safe for use. The broad allowed-tools declaration (Bash, Write) exceeds actual needs but poses no security threat given the benign code.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | WRITE | WRITE | ✓ 一致 | scripts/main.py:216 - writes to user-specified output file |
| 命令执行 | WRITE | NONE | ✓ 一致 | scripts/main.py - no subprocess, os.system, or shell commands found |
| 网络访问 | NONE | NONE | — | No network requests in code |
| 环境变量 | NONE | NONE | — | No os.environ access |
目录结构
4 文件 · 26.2 KB · 793 行 Markdown 2f · 535L
Python 1f · 255L
Text 1f · 3L
├─
▾
references
│ └─
guidelines.md
Markdown
├─
▾
scripts
│ └─
main.py
Python
├─
requirements.txt
Text
└─
SKILL.md
Markdown
依赖分析 3 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
argparse | stdlib | Python | 否 | Standard library module |
json | stdlib | Python | 否 | Standard library module |
random | stdlib | Python | 否 | Standard library module |
安全亮点
✓ Uses only Python standard library (argparse, json, random, pathlib)
✓ No network requests or data exfiltration
✓ No credential harvesting or environment variable access
✓ No subprocess or shell execution despite Bash declaration
✓ No obfuscation or base64-encoded content
✓ No sensitive file access (no ~/.ssh, ~/.aws, .env paths)
✓ No external dependencies beyond standard library
✓ Output restricted to user-specified files only
✓ Clean, readable code with no suspicious patterns