Scan Report
0 /100
OpenList Automation
AI Agent skill for managing OpenList file server operations (move, rename, delete, offline downloads) via HTTP API with two-step confirm workflow
OpenList automation skill with well-defined, documented HTTP API interactions using only Python standard library; no shell execution, no credential exfiltration, no obfuscation, and comprehensive plan-apply guardrails.
Safe to install
This skill is safe to use. No changes required.
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | READ | READ | ✓ Consistent | load_dotenv_values() reads .env; audit_path used for JSONL write; plan files rea… |
| Network access | READ | READ | ✓ Consistent | urllib_request.Request only calls configured OPENLIST_BASE_URL; only whitelisted… |
| Command execution | NONE | NONE | — | No subprocess, os.system, or exec* calls found |
| Environment variables | READ | READ | ✓ Consistent | build_effective_env() reads os.environ for config only; no iteration for credent… |
| Skill invocation | NONE | NONE | — | No inter-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
Directory structure
2 files · 60.6 KB · 1624 lines
Python 1f · 1400L
Markdown 1f · 224L
├─ scripts
│  └─ openlist.py (Python)
└─ SKILL.md (Markdown)
Security highlights
✓ No shell execution (subprocess, os.system, exec) — all operations are Python standard library only
✓ No credential exfiltration — OPENLIST_TOKEN is used only as Bearer token header, never transmitted elsewhere
✓ No obfuscation — no base64, atob, eval, or encoded strings
✓ Audit log sanitization — sensitive fields (token, authorization, password, secret) are redacted before writing
✓ Plan-apply two-step pattern enforces user confirmation before destructive actions
✓ Endpoint allowlist restricts apply to only 4 safe endpoints: /api/fs/move, /api/fs/rename, /api/fs/remove, /api/fs/add_offline_download
✓ Plan schema validation with scan_for_dangerous_signals() blocks overwrite=true, unauthorized endpoints, and dangerous delete fields
✓ Path normalization prevents traversal attacks (blocks '..', requires leading '/')
✓ TLS verification configurable but defaults to true
✓ No third-party dependencies — pure Python stdlib (urllib, json, pathlib, ssl)
✓ Code and documentation are fully aligned — no hidden functionality
✓ Delete operations are single-path only, no root deletion, and re-validate type before apply