Low risk (risk score 20/100)
Last scanned: 2 days ago
claw0x-humanizer
Remove signs of AI-generated writing from text via the Claw0x API and Gemini LLM
Skill is a legitimate text humanizer with a documentation gap: GEMINI_API_KEY dependency is not declared in SKILL.md, and credential comparison uses unsafe string equality. No malicious behavior observed.
Skill name: claw0x-humanizer
Analysis time: 30.1s
Engine: pi
Verdict: OK to install
Recommendation: Add GEMINI_API_KEY to the required environment variables in SKILL.md metadata. Replace token === expected with a constant-time comparison (e.g., timingSafeEqual). Consider adding input length limits.

Security findings (2)

Severity | Finding | Location
Low | Undeclared GEMINI_API_KEY dependency | handler.ts:88
  The handler.ts file requires GEMINI_API_KEY (line 88) to call the Gemini API for LLM-powered text humanization, but SKILL.md only declares CLAW0X_API_KEY in its metadata. The LLM rewriting layer (Layer 1) will silently fail and fall back to regex if GEMINI_API_KEY is absent, but users have no documentation indicating this dependency.
  Evidence: const apiKey = env('GEMINI_API_KEY')
  → Add 'GEMINI_API_KEY' to the requires.env list in SKILL.md metadata, and document that Layer 1 (LLM rewriting) will fall back to regex if this key is absent.
Low | Unsafe credential comparison susceptible to timing attack | handler.ts:28
  The authenticate() function at line 28 compares the bearer token against the expected key using === (strict equality). This is vulnerable to timing attacks: an attacker who can measure response times could incrementally determine the correct token character by character.
  Evidence: return token === expected
  → Use a constant-time comparison function such as crypto.timingSafeEqual(Buffer.from(token), Buffer.from(expected)) with a length check, or a library like 'timing-safe-equals'.
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | NONE | | No filesystem access in handler.ts
Network access | READ | READ | ✓ Consistent | External API calls to Google Generative Language API and claw0x.com are describe…
Command execution | NONE | NONE | | No shell execution in handler.ts
Environment variables | READ | READ | ✓ Consistent | CLAW0X_API_KEY declared; GEMINI_API_KEY not declared but used
Skill invocation | NONE | NONE | | No skill invocation
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser access
Database | NONE | NONE | | No database access
External URLs (2 findings)
Severity | Type | URL | Location
Medium | External URL | https://claw0x.com | SKILL.md:50
Medium | External URL | https://claw0x.com/v1/call | SKILL.md:69

Directory structure

2 files · 14.8 KB · 358 lines
TypeScript: 1 file · 230 lines; Markdown: 1 file · 128 lines
├─ handler.ts (TypeScript, 230 lines, 9.9 KB)
└─ SKILL.md (Markdown, 128 lines, 5.0 KB)

Security highlights

✓ No shell or subprocess execution — skill is purely request/response
✓ No filesystem access — self-contained handler with no file I/O
✓ No credential harvesting — tokens are used for auth verification only, not exfiltrated
✓ No base64 decode + eval patterns or obfuscated code
✓ No downloads or remote script execution
✓ No access to sensitive local paths (~/.ssh, ~/.aws, .env files on disk)
✓ Intentional network calls (claw0x.com API) are clearly documented in SKILL.md
✓ Input validation present — rejects empty/missing text fields with 400 error
✓ LLM fallback to regex is a legitimate resilience pattern