hair-cam-anno 安全扫描报告 — 低风险 | ClawSafe

22 /100

hair-cam-anno

安防摄像头视频 VL 模型微调数据集标注工具

A legitimate video annotation tool that processes surveillance camera footage for VL model fine-tuning, using subprocess for ffmpeg/ffprobe which is necessary and appropriate but not declared in SKILL.md.

技能名称hair-cam-anno

分析耗时32.0s

引擎pi

✓

可以安装

Declare the use of subprocess (shell:WRITE) and filesystem WRITE permissions in SKILL.md. Consider removing the hardcoded /root/hair-cam path reference from the usage description.

安全发现 3 项

严重性	安全发现	位置
中危	Undeclared subprocess shell execution 文档欺骗 SKILL.md presents the tool as running Python scripts only, but extract_frames.py internally invokes ffmpeg and ffprobe via subprocess.run. This shell:WRITE capability is not declared in the skill description. `result = subprocess.run(cmd, capture_output=True, text=True)` → Update SKILL.md to declare shell:WRITE for ffmpeg/ffprobe subprocess execution	`scripts/extract_frames.py:48`
低危	Hardcoded sensitive path reference in description 文档欺骗 The SKILL.md description explicitly references '/root/hair-cam' directory containing surveillance video data, implying access to a sensitive personal path. This is not declared as a capability but is baked into the usage context. `处理 /root/hair-cam 目录下的视频数据` → Remove hardcoded path references from SKILL.md description; use generic placeholder like '<视频目录>' instead	`SKILL.md:1`
低危	Filesystem WRITE not declared privile_escalation Both scripts write output files (frame images, manifest.json, dataset.jsonl) to disk, but SKILL.md only implies READ access. This is a minor mismatch as the file writes are necessary for the tool's core function. `Use when 用户需要对安防摄像头视频进行数据标注、生成 VL 模型训练数据集` → Declare filesystem:WRITE in capability map	`SKILL.md:1`

资源类型	声明权限	推断权限	状态	证据
命令执行	`NONE`	`WRITE`	✗ 越权	scripts/extract_frames.py:48-49, 66-69 (subprocess.run calls to ffmpeg/ffprobe)
文件系统	`READ`	`WRITE`	✗ 越权	scripts/extract_frames.py:47 (writes frame images to output_dir); scripts/build_…
网络访问	`NONE`	`NONE`	—	No network activity found
环境变量	`NONE`	`NONE`	—	No environment variable access
技能调用	`NONE`	`NONE`	—	No skill invocation
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser usage
数据库	`NONE`	`NONE`	—	No database access

目录结构

5 文件 · 18.3 KB · 493 行

Python 2f · 302L Markdown 3f · 191L

├─ ▾ 📁 references

│ ├─ 📝 labels-reference.md Markdown 47L · 2.6 KB

│ └─ 📝 system-prompt.md Markdown 65L · 2.5 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 build_jsonl.py Python 192L · 6.9 KB

│ └─ 🐍 extract_frames.py Python 110L · 3.7 KB

└─ 📝 SKILL.md Markdown 79L · 2.6 KB

安全亮点

✓ No network requests or external communication detected

✓ No credential harvesting or environment variable enumeration

✓ No obfuscation, base64-encoded execution, or anti-analysis techniques

✓ No remote script execution (curl|bash, wget|sh)

✓ No sensitive file access (~/.ssh, ~/.aws, .env)

✓ No persistence mechanisms (cron, startup hooks, backdoors)

✓ No prompt injection or LLM manipulation

✓ No malicious dependencies — no package files present

✓ subprocess usage is limited to standard CLI tools (ffmpeg, ffprobe) which is necessary and appropriate for video processing