中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 22/100
上次扫描:1 天前 重新扫描
22 /100
meta-skill-generator
AI 技能自动生成框架 - 自动扫描、注册、检索、生成、评估、测试、优化技能
A legitimate skill generation framework with minor security concerns: hardcoded API key placeholder in config and subprocess execution for sandboxed code testing.
技能名称meta-skill-generator
分析耗时64.4s
引擎pi
可以安装
Review and update the API key configuration to use environment variables. Ensure sandboxed code execution is properly isolated in production environments.

安全发现 2 项

严重性 安全发现 位置
低危
API Key Configuration Issue 文档欺骗
The config.yaml contains a hardcoded API key placeholder 'YOUR_API_KEY_HERE'. While this is a placeholder, it indicates the credential handling pattern may not follow security best practices.
api_key: "YOUR_API_KEY_HERE"
→ Use environment variables for API keys: os.getenv('DEEPSEEK_API_KEY') instead of hardcoded values
 config.yaml:26
低危
Subprocess Execution in Sandbox 代码执行
sandbox.py uses subprocess.run() to execute Python code in a temporary file. This is documented behavior for skill testing but could be risky if used with untrusted code.
result = subprocess.run(['python', temp_file], capture_output=True, text=True, timeout=self.timeout)
→ Ensure proper sandboxing is in place and consider using Docker isolation as implemented in tester.py
 scripts/sandbox.py:44
资源类型声明权限推断权限状态证据
文件系统 WRITE WRITE ✓ 一致 SKILL.md declares skill generation, config.yaml shows storage paths
网络访问 READ READ ✓ 一致 config.yaml:25 - DeepSeek API for skill generation
命令执行 WRITE WRITE ✓ 一致 sandbox.py:44 - subprocess.run(['python', temp_file]) for sandbox testing
环境变量 READ READ ✓ 一致 generator.py uses llm_client for API calls
1 高危 3 项发现
🔑
高危 API 密钥 疑似硬编码凭证
api_key: "YOUR_API_KEY_HERE"
config.yaml:26
🔗
中危 外部 URL 外部 URL
https://api.deepseek.com
config.yaml:25
🔗
中危 外部 URL 外部 URL
https://hf-mirror.com
scripts/test_mirror.py:9

目录结构

33 文件 · 161.9 KB · 5564 行
Python 22f · 4076L Markdown 6f · 856L JSON 3f · 493L YAML 2f · 139L
├─ 📁 assets
│ └─ 📁 templates
│ ├─ 🐍 base_skill.py Python 96L · 2.3 KB
│ └─ 📋 metadata.yaml YAML 56L · 1.0 KB
├─ 📁 generated
│ ├─ 📁 reminder
│ │ └─ 📝 SKILL.md Markdown 36L · 576 B
│ └─ 📝 truthfulness_optimized.md Markdown 72L · 1.6 KB
├─ 📁 references
│ ├─ 📝 api_reference.md Markdown 301L · 4.7 KB
│ ├─ 📝 architecture.md Markdown 117L · 5.0 KB
│ └─ 📝 examples.md Markdown 236L · 5.1 KB
├─ 📁 scripts
│ ├─ 🐍 __init__.py Python 39L · 1.0 KB
│ ├─ 🐍 auto_refactor.py Python 190L · 6.1 KB
│ ├─ 🐍 composer.py Python 343L · 9.8 KB
│ ├─ 🐍 embed_skill.py Python 259L · 7.8 KB
│ ├─ 🐍 evaluator.py Python 227L · 7.4 KB
│ ├─ 🐍 generate_skill.py Python 120L · 3.2 KB
│ ├─ 🐍 generator.py Python 353L · 8.9 KB
│ ├─ 🐍 init_db.py Python 94L · 2.7 KB
│ ├─ 🐍 optimize_truthfulness.py Python 42L · 1.2 KB
│ ├─ 🐍 optimizer.py Python 293L · 9.7 KB
│ ├─ 🐍 planner.py Python 226L · 7.3 KB
│ ├─ 🐍 sandbox.py Python 155L · 4.5 KB
│ ├─ 🐍 scan_skills.py Python 163L · 5.2 KB
│ ├─ 🐍 simple_db.py Python 106L · 3.2 KB
│ ├─ 🐍 test_mirror.py Python 27L · 702 B
│ ├─ 🐍 tester.py Python 390L · 11.3 KB
│ └─ 🐍 vector_search.py Python 115L · 3.1 KB
├─ 📋 config.yaml YAML 83L · 1.7 KB
├─ 📋 optimize_db.json JSON 97L · 8.5 KB
├─ 📋 scores_db.json JSON 39L · 834 B
├─ 📝 SKILL.md Markdown 94L · 1.9 KB
├─ 📋 skills_db.json JSON 357L · 11.4 KB
├─ 🐍 test_basic_only.py Python 169L · 4.7 KB
├─ 🐍 test_basic.py Python 264L · 7.7 KB
├─ 🐍 test_minimal.py Python 230L · 6.7 KB
└─ 🐍 test_simple.py Python 175L · 4.9 KB

依赖分析 3 项

包名版本来源已知漏洞备注
chromadb not pinned import Version not explicitly pinned in requirements
networkx not pinned import Version not explicitly pinned
sentence-transformers not pinned pip Used for vector embeddings - version not pinned

安全亮点

✓ No credential harvesting - code does not iterate through environment variables to find sensitive keys
✓ No obfuscation - no base64-encoded execution, eval(), or anti-analysis techniques found
✓ No sensitive file access - code does not access ~/.ssh, ~/.aws, or similar sensitive paths
✓ Docker-based sandboxing with security options (no-new-privileges, read-only, network-disabled)
✓ Documentation matches implementation - SKILL.md accurately describes the skill's capabilities
✓ No hidden functionality detected - all code appears to serve the documented purpose