Low risk: risk score 18/100
Last scan: 2 days ago
category-collector
Shopify storefront category link collector: extracts the real category hierarchy from the navigation structure, handles Ajax lazy loading, and outputs CSV
Legitimate Shopify category scraper with benign code; pre-scan HIGH flag on hardcoded IP was a false positive (Chrome version string in User-Agent). Minor doc/code mismatch on declared permissions.
Skill name: category-collector
Analysis time: 88.2s
Engine: pi
Verdict: safe to install
The skill is safe for use. Consider updating SKILL.md to remove the 'exec' tool declaration since no shell execution is present, and trim the 7 near-identical scripts to a single entry point.

Security findings: 4

Severity: Low
Finding: Pre-scan HIGH IOC was a false positive
Location: collect-ajax.js:38
The hardcoded IP '120.0.0.0' flagged at collect-ajax.js:38 is actually the Chrome version number (120.0.0.0) embedded in the User-Agent string, not a network IP address. This pattern appears identically in all 5 collect*.js files.
Evidence: userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
→ No action needed — false positive. ClawSafe pre-scan pattern for IP addresses should be refined to exclude version numbers in User-Agent strings.

Severity: Low
Finding: SKILL.md declares 'exec' tool but no shell execution is used
Location: SKILL.md:2
The allowed-tools list includes 'exec' (mapping to shell:WRITE), but no child_process, exec, spawn, or execSync calls exist in any of the JavaScript files. The skill only uses Node.js fs and Playwright APIs.
Evidence: allowed-tools: exec, read, write, edit
→ Remove 'exec' from allowed-tools or add a comment explaining why it is declared if the code genuinely uses it. Alternatively, add 'browser' to the allowed-tools list since Playwright is the actual capability used.

Severity: Low
Finding: Browser resource not declared in allowed-tools
Location: collect.js:33
All scraper scripts heavily use Playwright (browser automation): launching Chromium, navigating pages, hovering to trigger Ajax menus, taking screenshots. The 'browser' resource is not declared in allowed-tools.
Evidence: const browser = await chromium.launch({ headless: false, timeout: 60000 })
→ Add 'browser' to allowed-tools: browser (maps to browser:WRITE for Playwright usage).

Severity: Info
Finding: 5 nearly identical script variants suggest messy development artifacts
Location: collect.js, collect-ajax.js, collect-correct.js, collect-correct-hover.js, collect-improved.js:1
collect.js, collect-ajax.js, collect-correct.js, collect-correct-hover.js, and collect-improved.js share >80% identical code. This is not a security issue but reduces maintainability and could confuse users about which script to run.
Evidence: Multiple files with identical structure: collectCategories() + extractNavigationStructure() + generateCSV()
→ Consolidate into a single collect.js with a --method flag or remove the intermediate development versions.

Resource type | Declared | Inferred | Status | Evidence
File system | WRITE | WRITE | ✓ consistent | fs.writeFileSync / fs.mkdirSync used in all collect*.js files for CSV and screen…
Network access | READ | READ | ✓ consistent | page.goto() fetches user-supplied URLs; no external data exfiltration found
Command execution | WRITE | NONE | ✗ mismatch | SKILL.md declares 'exec' but no child_process/exec/spawn/execSync found in any .…
Browser | NONE | WRITE | ✗ mismatch | chromium.launch(), page.hover(), page.screenshot() used in all collect*.js files…
Environment variables | NONE | NONE | | No os.environ iteration or env key access found
Skill invocation | NONE | NONE | | No inter-skill invocation found
Clipboard | NONE | NONE | | No clipboard read/write found
Database | NONE | NONE | | No database access found

Pre-scan IOCs: 1 high, 8 findings

Severity | Type | Value | Location
High | Hardcoded IP address | 120.0.0.0 | collect-ajax.js:38
Medium | External URL | https://shop.futvortexstore.com/ | README.md:36
Medium | External URL | https://lulumonclick-eu.shop/collections/women-women-clothes-tank-tops | README.md:58
Medium | External URL | https://shop.futvortexstore.com/collections/liverpool | SKILL.md:63
Medium | External URL | https://.../collections/premier-league/liverpool | collect-correct-hover.js:299
Medium | External URL | https://registry.npmmirror.com/fsevents/-/fsevents-2.3.2.tgz | package-lock.json:20
Medium | External URL | https://registry.npmmirror.com/playwright/-/playwright-1.58.2.tgz | package-lock.json:34
Medium | External URL | https://registry.npmmirror.com/playwright-core/-/playwright-core-1.58.2.tgz | package-lock.json:52

Directory structure

12 files · 60.2 KB · 2107 lines
JavaScript 7 files · 1832 lines; Markdown 2 files · 174 lines; JSON 3 files · 101 lines
├─ 📜 collect-ajax.js JavaScript 351L · 10.1 KB
├─ 📜 collect-correct-hover.js JavaScript 327L · 9.2 KB
├─ 📜 collect-correct.js JavaScript 321L · 8.9 KB
├─ 📜 collect-improved.js JavaScript 336L · 9.4 KB
├─ 📜 collect.js JavaScript 346L · 10.3 KB
├─ 📜 debug-liverpool.js JavaScript 82L · 2.5 KB
├─ 📜 debug-nav.js JavaScript 69L · 1.8 KB
├─ 📋 package-lock.json JSON 63L · 1.7 KB
├─ 📋 package.json JSON 22L · 491 B
├─ 📝 README.md Markdown 78L · 2.1 KB
├─ 📋 setup.json JSON 16L · 478 B
└─ 📝 SKILL.md Markdown 96L · 3.0 KB

Dependency analysis: 1 item

Package | Version | Source | Known vulnerabilities | Notes
playwright | ^1.40.0 | npm | | Version range not pinned; minor version updates could introduce breaking changes

Security highlights

✓ No child_process/exec/spawn usage — the skill is pure Node.js/Playwright
✓ No credential harvesting or environment variable enumeration
✓ No data exfiltration — network calls are only to user-supplied URLs
✓ No base64/eval/atob deobfuscation patterns
✓ No sensitive path access (~/.ssh, ~/.aws, .env files)
✓ No curl|bash or wget|sh remote script execution
✓ No hidden functionality — all behavior matches the stated purpose
✓ No HTML comment injection or steganography
✓ No C2 infrastructure, reverse shells, or suspicious outbound connections