扫描报告
10 /100
chart-generator
数据可视化图表生成器(支持 7 种图表类型)
A straightforward chart generation tool using matplotlib with no malicious behavior detected. The skill does exactly what its documentation claims.
可以安装
No action required. The skill is safe to use for its documented purpose of generating data visualization charts.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | WRITE | WRITE | ✓ 一致 | --output parameter, line 186 |
| 网络访问 | NONE | NONE | — | No network imports or calls found |
| 命令执行 | NONE | NONE | — | No subprocess or os.system calls |
| 环境变量 | NONE | NONE | — | No os.environ access |
| 技能调用 | NONE | NONE | — | No skill invocation code |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser automation |
| 数据库 | NONE | NONE | — | No database operations |
目录结构
2 文件 · 19.3 KB · 532 行 Python 1f · 326L
Markdown 1f · 206L
├─
chart_gen.py
Python
└─
SKILL.md
Markdown
依赖分析 2 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
matplotlib | unspecified | conda/pip | 否 | Standard visualization library, not analyzed for vulnerabilities |
pillow | unspecified | pip | 否 | Standard imaging library, not analyzed for vulnerabilities |
安全亮点
✓ Uses standard, well-audited matplotlib library for chart generation
✓ No network requests or data exfiltration attempts
✓ No credential or sensitive file access
✓ JSON parsing uses safe json.loads() with no eval() or exec()
✓ File writes limited to user-specified output path (default /tmp/chart.png)
✓ Clean separation of concerns with distinct chart generation functions
✓ No obfuscation, base64 encoding, or anti-analysis techniques
✓ Proper error handling with try-except blocks