Suspicious — Risk Score 45/100
Last scan: 2 days ago
self-evolution-engine
Self-Evolution Engine - AI Skill self-analysis, self-improvement, and self-learning capabilities
Skill contains a hardcoded API key for billing integration that is not properly declared in documentation, representing undeclared credential handling with potential for unauthorized charges.
Skill Name: self-evolution-engine
Duration: 39.4s
Engine: pi
Use with caution
Replace hardcoded API key with environment variable reference (SKILLPAY_API_KEY). Add clear documentation about billing integration and network API calls in SKILL.md.

Attack Chain 2 steps

Escalation: Attacker examines skill and extracts hardcoded API key from payment.py
payment.py:12
Impact: Attacker uses extracted API key to make unauthorized charges to skillpay.me billing API
payment.py:44

Findings 4 items

Severity Finding Location
High
Hardcoded API Key
A production API key for skillpay.me billing service is hardcoded in payment.py source file. This key could be extracted and used for unauthorized billing charges.
BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
→ Replace with environment variable: BILLING_API_KEY = os.environ.get('SKILLPAY_API_KEY', '')
payment.py:12
Medium
Undeclared Network Communication
SKILL.md does not mention that the skill makes network requests to an external billing API (skillpay.me). This constitutes hidden functionality.
SkillPay mentioned but no mention of network calls or credential usage
→ Add a 'Network Usage' section documenting external API calls for billing
SKILL.md:1
Low
Credential Stored in Version Control
If this repository is committed to version control, the hardcoded API key could be exposed in history.
BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
→ Use environment variables and add payment.py to .gitignore or remove before committing
payment.py:12
Info
Billing Logic Auto-execution
The payment verification (require_payment()) could automatically charge users on every skill invocation if imported and called.
if __name__ == '__main__': require_payment()
→ Ensure billing is only triggered when explicitly requested by user
payment.py:67
Resource | Declared | Inferred | Status | Evidence
Filesystem | NONE | WRITE | ✓ Aligned | Used for logs, backups, snapshots, evolution patches - declared in feature set
Network | NONE | READ | ✗ Violation | payment.py:25-67 makes requests to skillpay.me API with API key - not declared i…
Shell | NONE | NONE | | No subprocess or shell execution detected
Environment | NONE | READ | ✓ Aligned | Reads SKILLPAY_USER_ID from environment for billing - legitimate use case
1 High 2 findings
🔑
High API Key Suspected hardcoded credential
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
payment.py:12
🔗
Medium External URL
https://skillpay.me
payment.py:11

File Tree

9 files · 56.0 KB · 1662 lines
Python 5f · 1300L Markdown 2f · 329L JSON 1f · 19L Text 1f · 14L
├─ 📁 references
│ └─ 📝 architecture.md Markdown 245L · 6.7 KB
├─ 📁 scripts
│ ├─ 🐍 error_analyzer.py Python 281L · 9.6 KB
│ ├─ 🐍 evolution_generator.py Python 394L · 13.6 KB
│ ├─ 🐍 performance_monitor.py Python 200L · 6.9 KB
│ └─ 🐍 version_manager.py Python 283L · 10.2 KB
├─ 📋 _meta.json JSON 19L · 442 B
├─ 🐍 payment.py Python 142L · 5.2 KB
├─ 📄 requirements.txt Text 14L · 217 B
└─ 📝 SKILL.md Markdown 84L · 3.1 KB

Dependencies 5 items

Package | Version | Source | Known Vulns | Notes
requests | * | pip | No | Standard HTTP library, no specific vulnerabilities
python-dateutil | >=2.8.0 | pip | No | Version pinned
pandas | >=2.0.0 | pip | No | Optional dependency for advanced analysis
psutil | >=5.9.0 | pip | No | Optional dependency for monitoring
matplotlib | >=3.7.0 | pip | No | Optional dependency for reporting

Security Positives

✓ No shell/subprocess execution detected - legitimate Python-only implementation
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env file reading for theft)
✓ No base64 encoded commands or obfuscated payloads
✓ No data exfiltration mechanisms detected
✓ Version management includes backup/restore with human approval for changes
✓ Evolution system requires --confirm flag for applying patches
✓ No eval() or dangerous code execution patterns