中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 12/100
上次扫描:1 天前 重新扫描
12 /100
factory-floor
Startup coach skill for founders — constraint diagnosis, marketing strategy, and prioritization using Goldratt, Maurya, Sharp, Ritson, Rumelt, Clausewitz, and JTBD frameworks
A legitimate startup coaching skill with no malicious behavior. Two minor technical concerns: unpinned npm dependency and execSync usage, both documented and scoped to legitimate package installation.
技能名称factory-floor
分析耗时60.4s
引擎pi
可以安装
No blocking action needed. Consider pinning beautiful-mermaid to a specific version in scripts/package.json to strengthen the supply chain posture.

安全发现 2 项

严重性 安全发现 位置
低危
Unpinned npm dependency allows version drift 供应链
scripts/package.json declares beautiful-mermaid as ^1.1.3 with a caret range, permitting updates to any 1.x.x version. This creates a theoretical supply chain risk where a compromised future release could be auto-installed.
"beautiful-mermaid": "^1.1.3"
→ Pin to exact version: "beautiful-mermaid": "1.1.3" or use a hash-based integrity check.
 scripts/package.json:5
低危
execSync runs shell command during install 权限提升
bin/install.mjs executes 'npm install --silent' via execSync. This is scoped to a local directory and documented as part of the install process, but shell execution is worth tracking for audit purposes.
execSync('npm install --silent', { cwd: join(target, 'scripts'), stdio: 'inherit' })
→ This is expected behavior for a skill with an executable dependency. No action needed for security; just acknowledge it in capability declarations if tracking shell:WRITE.
 bin/install.mjs:53
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No filesystem access declared in SKILL.md. bin/install.mjs writes only to ~/.cla…
网络访问 NONE NONE No network calls in any code. External URLs in README.md are static references t…
命令执行 NONE NONE bin/install.mjs:53 uses execSync but this is the installer's own deployment logi…
环境变量 NONE NONE No environment variable access. grep found zero matches for os.environ, process.…
技能调用 READ READ ✓ 一致 SKILL.md declares skill_invoke routing logic. Reads stage and reference .md file…
剪贴板 NONE NONE No clipboard access in any file.
浏览器 NONE NONE No browser or WebFetch usage.
数据库 NONE NONE No database access.
4 项发现
🔗
中危 外部 URL 外部 URL
https://img.shields.io/npm/v/@swiftner/factory-floor
README.md:3
🔗
中危 外部 URL 外部 URL
https://www.npmjs.com/package/@swiftner/factory-floor
README.md:3
🔗
中危 外部 URL 外部 URL
https://agentskills.io
README.md:7
🔗
中危 外部 URL 外部 URL
https://swiftner.com
README.md:141

目录结构

28 文件 · 230.3 KB · 5339 行
Markdown 21f · 5144L JavaScript 2f · 137L JSON 3f · 47L YAML 1f · 11L
├─ 📁 agents
│ ├─ 📝 analyzer.md Markdown 52L · 1.6 KB
│ ├─ 📝 grader.md Markdown 65L · 2.4 KB
│ └─ 📋 openai.yaml YAML 11L · 321 B
├─ 📁 assets
│ └─ 📦 icon.svg 460 B
├─ 📁 bin
│ └─ 📜 install.mjs JavaScript 61L · 1.8 KB
├─ 📁 references
│ ├─ 📝 coaching-patterns.md Markdown 118L · 5.1 KB
│ ├─ 📝 estimation.md Markdown 485L · 20.5 KB
│ ├─ 📝 intake.md Markdown 87L · 4.1 KB
│ ├─ 📝 jtbd.md Markdown 494L · 21.7 KB
│ ├─ 📝 misdiagnoses.md Markdown 35L · 2.4 KB
│ ├─ 📝 pillar-goldratt.md Markdown 177L · 8.0 KB
│ ├─ 📝 pillar-maurya.md Markdown 299L · 13.1 KB
│ ├─ 📝 pillar-ritson.md Markdown 505L · 18.9 KB
│ ├─ 📝 pillar-sharp.md Markdown 376L · 17.5 KB
│ ├─ 📝 pillar-strategy.md Markdown 531L · 23.4 KB
│ ├─ 📝 weekly-diagrams.md Markdown 47L · 1.6 KB
│ └─ 📝 weekly-review.md Markdown 81L · 2.7 KB
├─ 📁 scripts
│ ├─ 📋 package.json JSON 8L · 136 B
│ └─ 📜 render-diagram.mjs JavaScript 76L · 2.1 KB
├─ 📁 stages
│ ├─ 📝 growth.md Markdown 580L · 23.8 KB
│ ├─ 📝 pre-revenue.md Markdown 301L · 12.5 KB
│ ├─ 📝 restart.md Markdown 181L · 7.3 KB
│ └─ 📝 scaling.md Markdown 402L · 16.6 KB
├─ 📋 _meta.json JSON 5L · 132 B
├─ 📝 CLAUDE.md Markdown 58L · 6.1 KB
├─ 📋 package.json JSON 34L · 815 B
├─ 📝 README.md Markdown 141L · 7.9 KB
└─ 📝 SKILL.md Markdown 129L · 7.3 KB

依赖分析 1 项

包名版本来源已知漏洞备注
beautiful-mermaid ^1.1.3 npm Version range allows minor/patch updates. No known vulnerabilities at time of analysis.

安全亮点

✓ No credential theft: no access to ~/.ssh, ~/.aws, .env, or environment variables for sensitive keys
✓ No data exfiltration: no network calls, no external IP communication, no POST requests
✓ No obfuscation: all code is readable plain text, no base64, eval, or atob patterns
✓ No prompt injection: no hidden instructions in HTML comments or anywhere else
✓ No persistence mechanisms: no cron jobs, startup hooks, or backdoor installation
✓ No sensitive file access: filesystem operations are scoped to the skill's own install directory
✓ No arbitrary command execution: execSync is limited to a fixed npm install command in a known directory
✓ MIT license with clear authorship and public GitHub repository
✓ Skill behavior fully matches documentation — no doc-to-code mismatch
✓ File tree is transparent: 21 markdown files (business logic/documentation), 2 JS scripts (diagram rendering + install)