中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:17 小时前 重新扫描
5 /100
sense-memory
Sovereign persistence for AI agents — encrypted key-value memories and journal entries on Nostr relays
The sense-memory skill is a legitimate Nostr-based encrypted memory store. It declares pip as a required binary, relies on published PyPI packages, and has no hidden functionality, obfuscation, or credential exfiltration.
技能名称sense-memory
分析耗时36.3s
引擎pi
可以安装
Approve for use. The skill is straightforward and well-documented.

安全发现 1 项

严重性 安全发现 位置
低危
External package dependency not bundled 供应链
The skill depends on `sense-memory` and `nostrkey` from PyPI rather than bundling them. This introduces supply chain risk — verify package integrity and ownership.
"dependencies": ["nostrkey>=0.1.1"]
→ Pin to exact versions and consider vendoring the packages to eliminate external dependencies.
 metadata.json:20
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No file read/write in skill files
网络访问 NONE READ ✓ 一致 External PyPI packages (nostrkey, sense_memory) — Nostr relay connections docume…
命令执行 NONE NONE pip declared in metadata.openclaw.requires.bins, used only for package install
环境变量 NONE READ ✓ 一致 NOSTRKEY_PASSPHRASE, NOSTR_NSEC read by external packages (documented as require…
4 项发现
🔗
中危 外部 URL 外部 URL
https://clawhub.ai/vveerrgg/nostrkey
SKILL.md:36
🔗
中危 外部 URL 外部 URL
https://clawhub.ai/vveerrgg/nostr-profile
SKILL.md:288
🔗
中危 外部 URL 外部 URL
https://clawhub.ai/vveerrgg/nse
SKILL.md:291
🔗
中危 外部 URL 外部 URL
https://huje.tools
metadata.json:8

目录结构

3 文件 · 16.8 KB · 402 行
Markdown 1f · 303L JSON 1f · 53L Python 1f · 46L
├─ 📁 examples
│ └─ 🐍 basic_usage.py Python 46L · 1.3 KB
├─ 📋 metadata.json JSON 53L · 1.3 KB
└─ 📝 SKILL.md Markdown 303L · 14.3 KB

依赖分析 2 项

包名版本来源已知漏洞备注
nostrkey >=0.1.1 pip Min version pinned, not exact version
sense-memory latest pip Version not specified — pulls latest

安全亮点

✓ SKILL.md clearly documents all behavior including encryption (NIP-44), storage modes (NIP-78, NIP-04), and network targets (relays)
✓ No base64, obfuscated code, or anti-analysis patterns detected
✓ No credential harvesting or data exfiltration — secrets remain local for encryption only
✓ No hidden instructions or prompt injection detected
✓ Input validation documented (key sanitization, content length caps, relay query caps)
✓ No direct shell execution or subprocess usage in skill files
✓ Memory keys validated against path traversal patterns
✓ MIT license declared