oatda-list-models 安全扫描报告 — 可信 | ClawSafe

0 /100

oatda-list-models

List available AI models from OATDA's 10+ providers with optional filtering by type or provider name

A straightforward OATDA API client that lists AI models with documented credential file access and shell-based API calls. No suspicious behavior detected.

技能名称oatda-list-models

分析耗时21.1s

引擎pi

✓

可以安装

This skill is safe to use. No security concerns identified.

资源类型	声明权限	推断权限	状态	证据
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md:25-29 - curl commands with API key
文件系统	`READ`	`READ`	✓ 一致	SKILL.md:24 - cat ~/.oatda/credentials.json for API key
网络访问	`READ`	`READ`	✓ 一致	SKILL.md:27-29 - GET requests to oatda.com API
环境变量	`NONE`	`READ`	✓ 一致	SKILL.md:24 - reads OATDA_API_KEY env var if set

6 项发现

🔗

中危外部 URL 外部 URL

https://oatda.com

SKILL.md:4

🔗

中危外部 URL 外部 URL

https://oatda.com/api/v1/llm/models

SKILL.md:40

🔗

中危外部 URL 外部 URL

https://oatda.com/api/v1/llm/models?type=image&provider=openai

SKILL.md:62

🔗

中危外部 URL 外部 URL

https://oatda.com/api/v1/llm/models?type=image

SKILL.md:72

🔗

中危外部 URL 外部 URL

https://oatda.com/api/v1/llm/models?type=video

SKILL.md:76

🔗

中危外部 URL 外部 URL

https://oatda.com/api/v1/llm/models?type=video&provider=bytedance

SKILL.md:80

目录结构

1 文件 · 5.1 KB · 160 行

Markdown 1f · 160L

└─ 📝 SKILL.md Markdown 160L · 5.1 KB

安全亮点

✓ API key handling follows security best practices - only shows first 8 characters

✓ All shell commands and credential file access are explicitly documented in SKILL.md

✓ Only makes read-only GET requests to a legitimate service (oatda.com)

✓ No data exfiltration or credential harvesting for malicious purposes

✓ Clear error handling for authentication and rate limiting errors

✓ Skill purpose (model listing) matches implementation - no hidden functionality

✓ Related skills listed for transparency