Scan Report
5/100
readme-maker
Design beautiful GitHub profile READMEs with templates. CLI for checking, validating, generating, and formatting README files and documentation.
readme-maker is a straightforward bash-based README CLI with purely local file logging — no network calls, credential access, obfuscation, or external dependencies.
Safe to install
No blocking action needed. The skill is safe for use as described.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | Logging behavior is mentioned but not detailed in SKILL.md (Doc Mismatch) | SKILL.md:1 |

| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | WRITE | WRITE | ✓ Aligned | Bash shebang, set -euo pipefail, date/wc/du/tail/grep/sed/cat commands — all app… |
| Filesystem | READ+WRITE | WRITE | ✓ Aligned | Writes exclusively to ~/.local/share/readme-maker/ for logging; no sensitive pat… |
| Network | NONE | NONE | — | Zero network calls in script.sh. |
| Environment | NONE | NONE | — | No access to os.environ or environment variables beyond HOME. |
| Credential | NONE | NONE | — | No credential paths (~/.ssh, ~/.aws, .env) accessed. |
1 findings
Info Email: email address
[email protected] SKILL.md:112
File Tree
2 files · 15.4 KB · 425 lines
Shell 1f · 313L
Markdown 1f · 112L
├─ scripts
│  └─ script.sh (Shell)
└─ SKILL.md (Markdown)
Security Positives
✓ No network requests — zero outbound connectivity
✓ No credential or sensitive path access (~/.ssh, ~/.aws, .env, etc.)
✓ No obfuscation (no base64, eval, atob, or encoded payloads)
✓ No external dependencies or API calls
✓ Uses strict bash mode (set -euo pipefail)
✓ All file I/O is confined to a dedicated user-local directory (~/.local/share/readme-maker/)
✓ No remote script execution (curl|bash, wget|sh, etc.)
✓ No supply-chain risk — pure standard Unix utilities only
✓ Script content is clear, readable, and auditable