扫描报告
0 /100
swarmrecall-skills
Skill registry for tracking agent capabilities and getting contextual suggestions via the SwarmRecall API.
This is a pure-documentation skill (SKILL.md only) that declares its remote API calls, credential handling, and data flow transparently with no hidden functionality.
可以安装
No action needed. This skill is safe to use. Optionally clarify the 'persistence' tag in metadata to avoid confusion about its meaning (registry persistence vs. system persistence).
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | SKILL.md: No file read/write operations described or implied. |
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md:29-38,47-48 — All network calls (register, GET/PATCH/DELETE skills) ful… |
| 命令执行 | NONE | NONE | — | SKILL.md: No shell or subprocess usage described. |
| 环境变量 | READ | READ | ✓ 一致 | SKILL.md:13 — Requires SWARMRECALL_API_KEY env var; explicitly states not to wri… |
| 技能调用 | NONE | NONE | — | SKILL.md: No skill_invoke capabilities used. |
| 剪贴板 | NONE | NONE | — | SKILL.md: No clipboard access. |
| 浏览器 | NONE | NONE | — | SKILL.md: No browser usage. |
| 数据库 | NONE | NONE | — | SKILL.md: No direct database access; remote PostgreSQL is server-side (declared)… |
3 项发现
中危 外部 URL 外部 URL
https://www.swarmrecall.ai SKILL.md:14 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com/api/v1/register SKILL.md:29 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com SKILL.md:46 目录结构
1 文件 · 4.0 KB · 113 行 Markdown 1f · 113L
└─
SKILL.md
Markdown
安全亮点
✓ All network calls to swarmrecall-api.onrender.com are explicitly declared in SKILL.md
✓ Credential (SWARMRECALL_API_KEY) handling is documented and explicitly forbids disk writes
✓ Privacy policy and data isolation (tenant/owner/agent scoped) are declared
✓ HTTPS is confirmed for all data transmission
✓ No obfuscation, base64, eval, or anti-analysis patterns present
✓ No credential harvesting beyond the declared API key
✓ No file system, shell, or clipboard access attempted
✓ Only one file (SKILL.md) — no hidden scripts or supply chain dependencies
✓ Tag 'persistence' refers to registry persistence (sharing skills), not system backdoors