扫描报告
5 /100
fb-video-downloader
Download Facebook videos, Reels, and Stories in HD quality using savefbs.com API
A legitimate Facebook video downloader that acts as a bridge to savefbs.com API with documented pricing. No malicious behavior observed - all network operations match declared intent.
可以安装
No action required. The skill performs exactly as documented with no hidden functionality.
安全发现 1 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | Implicit dependency on requests library 供应链 | scripts/fetch_fb_video.py:7 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | WRITE | ✓ 一致 | Writes usage.json to ~/.openclaw/skills/fb-video-downloader/ for quota tracking … |
| 网络访问 | READ | READ | ✓ 一致 | POSTs to savefbs.com/api/v1/aio/search as declared in SKILL.md |
5 项发现
中危 外部 URL 外部 URL
https://savefbs.com SKILL.md:8 中危 外部 URL 外部 URL
https://savefbs.com/pricing SKILL.md:18 中危 外部 URL 外部 URL
https://www.facebook.com/watch?v=123456789 SKILL.md:59 中危 钱包地址 加密货币钱包地址
0xA4195EeFF370c003C5C775BE4C3f350022666305 scripts/fetch_fb_video.py:23 中危 外部 URL 外部 URL
https://pay.request.network/ scripts/fetch_fb_video.py:24 目录结构
2 文件 · 10.1 KB · 332 行 Python 1f · 209L
Markdown 1f · 123L
├─
▾
scripts
│ └─
fetch_fb_video.py
Python
└─
SKILL.md
Markdown
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
requests | unpinned | implicit import | 否 | No requirements.txt - version not pinned |
安全亮点
✓ SKILL.md accurately describes all functionality - no doc-to-code mismatch
✓ No credential harvesting or environment variable access for secrets
✓ No obfuscation techniques (base64, eval, dynamic code loading)
✓ No network IOCs to suspicious destinations beyond declared savefbs.com
✓ Usage tracking is local-only and non-sensitive (download counts only)
✓ No reverse shell, C2, or persistence mechanisms
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)