Low Risk — Risk Score 15/100
Last scan: 1 day ago
alista
Save restaurants, bars, and cafes from TikTok and Instagram videos. Search saved places and get weekend suggestions.
A legitimate restaurant bookmark manager with well-scoped filesystem and network access; no malicious patterns found. The hardcoded IP flagged in pre-scan is a false positive (Chrome UA string fragment, not a C2 IP).
Skill Name: alista
Duration: 55.2s
Engine: pi
Safe to install
No blocking action needed. Consider pinning better-sqlite3 and date-fns versions in package.json for supply-chain hygiene.

Findings 2 items

Severity | Finding | Location

Low | Runtime dependencies use unpinned version ranges [Supply Chain] | package.json:11
package.json declares better-sqlite3, date-fns, date-fns-tz, and zod with caret (^) ranges. While not malicious, unpinned versions allow a compromised package to be silently installed on reinstall.
"better-sqlite3": "^11.0.0"
→ Pin exact versions (e.g., "better-sqlite3": "11.7.0") to ensure reproducible installs

Low | shell:WRITE capability not declared in metadata block [Doc Mismatch] | scripts/fetch-post.ts:84
fetch-post.ts uses execFileSync to invoke ffmpeg/ffprobe for video frame extraction. While documented in SKILL.md prose, the YAML metadata block does not declare a shell:WRITE capability, creating a doc-code gap for the capability model.
execFileSync('ffmpeg', ['-ss', timestamp, '-i', videoUrl, ...])
→ Add shell:WRITE to the metadata block if video frame extraction is considered shell access
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | db.ts: reads migrations from __dirname; getDb(): creates/opens alista.db
Network | READ | READ | ✓ Aligned | metadata-fetcher.ts: apify.com, instagram.com, tiktok.com; place-verifier.ts: plac…
Shell | NONE | WRITE | ✓ Aligned | fetch-post.ts:84-89: execFileSync('ffmpeg'/'ffprobe') — necessary for video fram…
12 findings (2 High)

High | API Key | Suspected hardcoded credential
API_KEY="your-google-places-key"
README.md:41

High | IP Address | Hardcoded IP address
120.0.0.0
scripts/lib/metadata-fetcher.ts:204

Medium | External URL
https://console.cloud.google.com/apis/library/places-backend.googleapis.com
README.md:48

Medium | External URL
https://console.apify.com/
README.md:49

Medium | External URL
https://www.instagram.com/reel/ABC123/
README.md:60

Medium | External URL
https://opencollective.com/biome
package-lock.json:92

Medium | External URL
https://www.patreon.com/feross
package-lock.json:204

Medium | External URL
https://feross.org/support
package-lock.json:208

Medium | External URL
https://api.apify.com/v2/acts/$
scripts/lib/metadata-fetcher.ts:47

Medium | External URL
https://www.instagram.com/$
scripts/lib/metadata-fetcher.ts:53

Medium | External URL
https://www.tiktok.com/oembed?url=$
scripts/lib/metadata-fetcher.ts:326

Medium | External URL
https://api.example.com/data
scripts/lib/utils/circuit-breaker.ts:35

File Tree

22 files · 108.9 KB · 3955 lines
TypeScript 16f · 2965L | JSON 3f · 663L | Markdown 2f · 258L | SQL 1f · 69L
├─ 📁 migrations
│ └─ 📄 001-initial.sql SQL 69L · 2.3 KB
├─ 📁 scripts
│ ├─ 📁 lib
│ │ ├─ 📁 utils
│ │ │ ├─ 📜 circuit-breaker.ts TypeScript 172L · 4.1 KB
│ │ │ ├─ 📜 html.ts TypeScript 67L · 2.0 KB
│ │ │ ├─ 📜 index.ts TypeScript 15L · 477 B
│ │ │ ├─ 📜 retry.ts TypeScript 150L · 3.7 KB
│ │ │ ├─ 📜 text.ts TypeScript 140L · 4.0 KB
│ │ │ └─ 📜 url-normalizer.ts TypeScript 71L · 2.0 KB
│ │ ├─ 📜 db.ts TypeScript 504L · 15.4 KB
│ │ ├─ 📜 metadata-fetcher.ts TypeScript 491L · 14.8 KB
│ │ ├─ 📜 nudge-scorer.ts TypeScript 87L · 2.5 KB
│ │ ├─ 📜 place-verifier.ts TypeScript 446L · 12.8 KB
│ │ └─ 📜 types.ts TypeScript 302L · 8.8 KB
│ ├─ 📜 fetch-post.ts TypeScript 191L · 6.0 KB
│ ├─ 📜 lookup-place.ts TypeScript 53L · 1.3 KB
│ ├─ 📜 nudge.ts TypeScript 66L · 1.3 KB
│ ├─ 📜 save-place.ts TypeScript 114L · 2.7 KB
│ └─ 📜 search-places.ts TypeScript 96L · 1.8 KB
├─ 📋 package-lock.json JSON 626L · 12.4 KB
├─ 📋 package.json JSON 23L · 558 B
├─ 📝 README.md Markdown 131L · 4.8 KB
├─ 📝 SKILL.md Markdown 127L · 5.0 KB
└─ 📋 tsconfig.json JSON 14L · 289 B

Dependencies 4 items

Package | Version | Source | Known Vulns | Notes
better-sqlite3 | ^11.0.0 | npm | No | Version not pinned — recommend exact pin
date-fns | ^4.1.0 | npm | No | Version not pinned
date-fns-tz | ^3.2.0 | npm | No | Version not pinned
zod | ^3.23.0 | npm | No | Version not pinned

Security Positives

✓ No credential harvesting — API keys are read from env vars and used only for their intended APIs
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env file reads)
✓ No base64, eval, or obfuscation patterns
✓ No data exfiltration — all network calls go to declared, legitimate endpoints (Google Places, Apify, Instagram, TikTok CDN)
✓ No reverse shell, C2, or persistence mechanisms
✓ Image/video downloads are restricted to whitelisted CDN hostnames (cdninstagram.com, tiktokcdn.com, fbcdn.net, akamaized.net)
✓ Download and frame-extraction directories are sandboxed to CWD (path traversal check in fetch-post.ts)
✓ SQLite DB is local-only with WAL mode and foreign keys enforced
✓ Circuit breaker pattern protects against cascading API failures
✓ API keys are environment-variable-only, never hardcoded in source