Low risk: risk score 20/100
Last scan: 2 days ago
davinci-auto-editor
Cloud-driven DaVinci Resolve automation skill that scans local media, requests a cloud editing plan, and generates a Resolve-importable EDL package with pure Node.
DaVinci Resolve automation skill with legitimate cloud API integration, no shell execution, and no credential harvesting. A hardcoded external IP in example config is the primary concern.
Skill name: davinci-auto-editor
Analysis time: 30.6s
Engine: pi
Verdict: can be installed
Accept for use but replace the hardcoded IP in config with a proper domain name or environment variable. Consider pinning the external API endpoint in production deployments.

Security findings: 3 items

Severity / Finding / Location

Medium: Hardcoded external IP address in example configuration
The file examples/config.example.json contains the hardcoded IP address '43.137.46.105:8787', an external network endpoint. Although it sits in an example file rather than production code, it is a potential risk if users copy the config without changing the endpoint.
"api_base_url": "http://43.137.46.105:8787"
→ Replace the hardcoded IP with a placeholder domain name or hostname variable (e.g., 'https://api.your-service.com'). Add documentation warning users to configure their own endpoint.
Location: examples/config.example.json:2

Low: API key transmitted in Authorization header
The skill sends the api_key as an Authorization Bearer header to the configured cloud endpoint. This is standard practice, but the key is visible in network traffic if HTTPS is not enforced.
'authorization': `Bearer ${this.apiKey}`
→ Ensure the configured api_base_url uses HTTPS to protect the API key in transit.
Location: scripts/index.js:175

Low: Material paths sent to external cloud API
The skill sends the absolute file paths of media files to the cloud API for planning purposes. Although this is declared in SKILL.md, users should be aware that information about their local file structure leaves the machine.
absolutePath: fullPath
→ Document this behavior clearly and consider offering an option to send only relative paths or file hashes.
Location: scripts/index.js:41
Resource type / Declared permission / Inferred permission / Status / Evidence
Filesystem: declared WRITE, inferred WRITE, ✓ consistent. Evidence: scripts/index.js:36 - Recursive media scan; writes EDL, JSON, and report files t…
Network access: declared READ, inferred READ, ✓ consistent. Evidence: scripts/index.js:156-183 - ApiClient class uses fetch() to GET/POST cloud API en…
Command execution: declared NONE, inferred NONE. Evidence: No child_process, exec, spawn, or shell invocation found in codebase
Environment variables: declared NONE, inferred NONE. Evidence: No os.environ iteration or credential extraction from environment variables
Indicators: 1 high-severity, 2 findings
High: IP address (hardcoded IP address)
43.137.46.105
examples/config.example.json:2
Medium: external URL (external URL)
http://43.137.46.105:8787
examples/config.example.json:2

Directory structure

8 files · 25.3 KB · 821 lines
JavaScript: 1 file · 470 lines; Markdown: 2 files · 181 lines; JSON: 3 files · 166 lines; YAML: 1 file · 4 lines
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 4L · 265 B
├─ 📁 assets
│ └─ 📦 icon.svg 578 B
├─ 📁 examples
│ └─ 📋 config.example.json JSON 23L · 676 B
├─ 📁 scripts
│ └─ 📜 index.js JavaScript 470L · 15.2 KB
├─ 📋 manifest.json JSON 118L · 2.6 KB
├─ 📋 package.json JSON 25L · 530 B
├─ 📝 README.md Markdown 108L · 3.0 KB
└─ 📝 SKILL.md Markdown 73L · 2.5 KB

Security highlights

✓ No shell execution capability - no child_process, exec, spawn, or shell invocation found
✓ No credential harvesting from environment variables or sensitive paths (~/.ssh, ~/.aws, .env)
✓ No base64-encoded payloads or eval() with decoded content
✓ No reverse shell, C2 communication, or data exfiltration beyond declared cloud API calls
✓ No hidden instructions in HTML comments or disguised payloads
✓ Code is straightforward and performs exactly what SKILL.md describes
✓ Error handling includes best-effort fallback reporting without exposing sensitive data
✓ API key is only used for declared cloud API authentication, not exfiltrated elsewhere