扫描报告
5 /100
andara-rag-search
Search the Andara Ionic RAG knowledge base (3,800+ records) for business intel, research, products, team, meetings, and any indexed content.
A read-only RAG knowledge base search skill with all capabilities properly declared and no malicious behavior detected.
可以安装
Approve for use. The skill is straightforward and all declared capabilities match the implementation.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md: Uses 'bash' tool to run psql commands |
| 环境变量 | READ | READ | ✓ 一致 | SKILL.md: Accesses $DATABASE_URL environment variable |
| 数据库 | READ | READ | ✓ 一致 | SKILL.md: Explicitly states 'Never INSERT, UPDATE, or DELETE — read-only access … |
目录结构
1 文件 · 3.6 KB · 100 行 Markdown 1f · 100L
└─
SKILL.md
Markdown
安全亮点
✓ All capabilities explicitly declared in SKILL.md
✓ Read-only database access enforced and documented
✓ No credential harvesting or exfiltration behavior
✓ No obfuscation or base64-encoded payloads
✓ No suspicious file paths accessed (~/.ssh, ~/.aws, etc.)
✓ No remote script execution (curl|bash, wget|sh)
✓ No supply chain risks (no dependencies, single markdown file)
✓ No hidden functionality or documentation mismatch