中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:2 days ago Rescan
5 /100
auto-dev
Automotive data for AI agents — VIN decoding, vehicle listings, payments, recalls via MCP tools, CLI, SDK, or direct API
Pure documentation skill for automotive APIs with no executable code, no credential theft, and transparent declared permissions.
Skill Nameauto-dev
Duration33.9s
Enginepi
Safe to install
No action needed. This skill is safe to use as-is.
ResourceDeclaredInferredStatusEvidence
Network READ READ ✓ Aligned SKILL.md documents auto.dev API endpoints; no direct network calls made by skill…
Filesystem NONE NONE No file operations in any .md file
Shell NONE NONE No shell commands, subprocess, or script execution in any file
Environment READ READ ✓ Aligned SKILL.md:env.AUTODEV_API_KEY declared as optional secret for direct API auth
1 High 36 findings
🔑
High API Key 疑似硬编码凭证
API_KEY="sk_ad_your_key_here"
README.md:88
🔗
Medium External URL 外部 URL
https://www.contributor-covenant.org
CODE_OF_CONDUCT.md:41
🔗
Medium External URL 外部 URL
https://docs.auto.dev/
CONTRIBUTING.md:66
🔗
Medium External URL 外部 URL
https://img.shields.io/github/license/drivly/auto-dev-skill
README.md:8
🔗
Medium External URL 外部 URL
https://img.shields.io/github/stars/drivly/auto-dev-skill
README.md:9
🔗
Medium External URL 外部 URL
https://img.shields.io/github/issues/drivly/auto-dev-skill
README.md:10
🔗
Medium External URL 外部 URL
https://skills.sh/drivly/auto-dev-skill/auto-dev
README.md:11
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/skills.sh-auto--dev-blue
README.md:11
🔗
Medium External URL 外部 URL
https://docs.auto.dev/v2/cli-mcp-sdk
README.md:12
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/docs-auto.dev-black
README.md:12
🔗
Medium External URL 外部 URL
https://clawhub.ai/bryant22/auto-dev
README.md:13
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/clawhub-auto--dev-orange
README.md:13
🔗
Medium External URL 外部 URL
https://auto.dev
README.md:17
🔗
Medium External URL 外部 URL
https://auto.dev/dashboard
README.md:85
🔗
Medium External URL 外部 URL
https://www.auto.dev/pricing
README.md:145
🔗
Medium External URL 外部 URL
https://auto.dev/pricing
SKILL.md:45
🔗
Medium External URL 外部 URL
https://api.auto.dev
SKILL.md:100
🔗
Medium External URL 外部 URL
https://auto.dev/api
SKILL.md:101
🔗
Medium External URL 外部 URL
https://api.auto.dev/listings?vehicle.make=Mazda&vehicle.model=CX-90&retailListing.price=1-60000&retailListing.state=FL
examples.md:9
🔗
Medium External URL 外部 URL
https://www.carfax.com/VehicleHistory/p/Report.cfx?vin=JM3KKAHD5T1379650&partner=FRD_2
examples.md:41
🔗
Medium External URL 外部 URL
https://retail.photos.vin/JM3KKAHD5T1379650-1.jpg
examples.md:47
🔗
Medium External URL 外部 URL
https://www.lithia.com/catcher.esl?vin=JM3KKAHD5T1379650
examples.md:49
🔗
Medium External URL 外部 URL
https://api.auto.dev/vin/JM3KKAHD5T1379650
examples.md:77
🔗
Medium External URL 外部 URL
https://api.auto.dev/payments/JM3KKAHD5T1379650?price=39520&zip=33132&downPayment=5000&loanTerm=60
examples.md:126
🔗
Medium External URL 外部 URL
https://api.auto.dev/recalls/1FMUK7DHXSGA27345
examples.md:194
🔗
Medium External URL 外部 URL
https://api.auto.dev/tco/1C4SJVBP5RS114977?zip=33132
examples.md:236
🔗
Medium External URL 外部 URL
https://api.auto.dev/listings
integration-recipes.md:228
🔗
Medium External URL 外部 URL
https://checkout.auto.dev/c/pay/cs_live_b1ADJsHS7aKwyfy3VtKCrsOwqFS5KypHun0IJNWTEdvUOaqRkIMO4cKVtg#fid1d2BpamRhQ2prcSc%2...
pricing.md:56
🔗
Medium External URL 外部 URL
https://checkout.auto.dev/c/pay/cs_live_b1TL0JYID0rFU4npa6aHx3ehYjbZ6UYSPRXN4PN2uBf2IaFKmt9QOG62nR#fid1d2BpamRhQ2prcSc%2...
pricing.md:57
🔗
Medium External URL 外部 URL
https://checkout.auto.dev/c/pay/cs_live_b15OTFmnq3Z1Ub3WsROc5yHd3gC3EcFNrCn5xqpbgKEsH1Vzf7zxq2Qm5e#fid1d2BpamRhQ2prcSc%2...
pricing.md:58
🔗
Medium External URL 外部 URL
https://api.auto.dev/listings/
v2-listings-api.md:85
🔗
Medium External URL 外部 URL
https://api.auto.dev/plate/
v2-plate-api.md:3
🔗
Medium External URL 外部 URL
https://api.auto.dev/
v2-vin-apis.md:3
🔗
Medium External URL 外部 URL
https://api.auto.dev/photos/retail/
v2-vin-apis.md:45
📧
Info Email 邮箱地址
[email protected]
CODE_OF_CONDUCT.md:37
📧
Info Email 邮箱地址
[email protected]
integration-recipes.md:155

File Tree

20 files · 110.8 KB · 3651 lines
Markdown 19f · 3650L YAML 1f · 1L
├─ 📁 .github
│ ├─ 📁 ISSUE_TEMPLATE
│ │ ├─ 📝 bug_report.md Markdown 33L · 702 B
│ │ └─ 📝 feature_request.md Markdown 28L · 642 B
│ └─ 📋 FUNDING.yml YAML 1L · 15 B
├─ 📝 app-scaffolding.md Markdown 301L · 8.6 KB
├─ 📝 business-workflows.md Markdown 270L · 7.7 KB
├─ 📝 chaining-patterns.md Markdown 130L · 4.2 KB
├─ 📝 CODE_OF_CONDUCT.md Markdown 41L · 2.1 KB
├─ 📝 code-patterns.md Markdown 725L · 17.7 KB
├─ 📝 CONTRIBUTING.md Markdown 67L · 2.8 KB
├─ 📝 error-recovery.md Markdown 141L · 4.9 KB
├─ 📝 examples.md Markdown 331L · 9.6 KB
├─ 📝 integration-recipes.md Markdown 402L · 11.4 KB
├─ 📝 interactive-explorer.md Markdown 118L · 4.2 KB
├─ 📝 pricing.md Markdown 83L · 4.2 KB
├─ 📝 README.md Markdown 235L · 8.8 KB
├─ 📝 SKILL.md Markdown 172L · 6.4 KB
├─ 📝 v1-apis.md Markdown 148L · 4.1 KB
├─ 📝 v2-listings-api.md Markdown 98L · 3.3 KB
├─ 📝 v2-plate-api.md Markdown 45L · 1.1 KB
└─ 📝 v2-vin-apis.md Markdown 282L · 8.3 KB

Security Positives

✓ No executable code - entirely markdown documentation
✓ All capabilities declared in SKILL.md frontmatter
✓ No scripts directory or shell commands present
✓ No credential harvesting patterns found
✓ No base64, eval, or obfuscated code
✓ No hidden functionality in HTML comments or elsewhere
✓ API key reference in README is a placeholder example ('sk_ad_your_key_here'), not an actual credential
✓ External URLs are all legitimate automotive data service references