Scan report
5/100
everything-cli
Fast indexed local file and path search on Windows using voidtools Everything.
The Everything CLI skill is a legitimate Windows file-search wrapper around voidtools es.exe with no malicious behavior detected.
Safe to install
No action needed. The skill is safe to use.
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | WRITE | WRITE | ✓ Consistent | scripts/everything-cli.py:95 — writes shims to shim_dir |
| Command execution | WRITE | WRITE | ✓ Consistent | scripts/everything-cli.py:37 — subprocess.run spawns PowerShell |
| Network access | READ | READ | ✓ Consistent | references/everything-cli.ps1.txt:387 — Invoke-WebRequest downloads es.exe from … |
| Environment variables | NONE | READ | ✓ Consistent | scripts/everything-cli.py:48 — reads ENV vars for path discovery; winreg PATH wr… |
| Skill invocation | READ | READ | ✓ Consistent | agents/openai.yaml:allow_implicit_invocation:true |
| Clipboard | NONE | NONE | — | |
| Browser | NONE | NONE | — | |
| Database | NONE | NONE | — | |
1 high-risk · 2 findings
High · IP address · Hardcoded IP address · 1.1.0.30 · references/everything-cli.ps1.txt:47
Medium · External URL · External URL · https://www.voidtools.com/$zipName · references/everything-cli.ps1.txt:383
Directory structure
5 files · 32.6 KB · 1114 lines
Text 1f · 841L
Python 1f · 217L
Markdown 1f · 43L
YAML 1f · 7L
JSON 1f · 6L
├─ agents
│  └─ openai.yaml (YAML)
├─ references
│  └─ everything-cli.ps1.txt (Text)
├─ scripts
│  └─ everything-cli.py (Python)
├─ _meta.json (JSON)
└─ SKILL.md (Markdown)
Security highlights
✓ No obfuscation: no base64, no eval, no encoded strings anywhere in the codebase.
✓ No credential theft: the skill never reads ~/.ssh, ~/.aws, .env, or iterates os.environ for secrets.
✓ No data exfiltration: no outbound connections except the documented voidtools.com download.
✓ No persistence mechanisms: no cron jobs, startup hooks, or backdoors installed.
✓ No reverse shell or C2 communication.
✓ The external download (es.exe zip from www.voidtools.com) is declared in SKILL.md and necessary for the skill's core functionality.
✓ The pre-scan IOC flagging '1.1.0.30' as a hardcoded IP is a false positive — it is the es.exe version number from voidtools, not a network address.
✓ subprocess.run uses explicit argument lists (not shell=True), preventing command injection.
✓ No third-party dependencies; the skill has zero external package requirements.