Low risk: risk score 15/100
Last scan: 1 day ago
alista
Save restaurants, bars, and cafes from TikTok and Instagram videos. Search saved places and get weekend suggestions.
A legitimate restaurant bookmark manager with well-scoped filesystem and network access; no malicious patterns found. The hardcoded IP flagged in pre-scan is a false positive (Chrome UA string fragment, not a C2 IP).
Skill name: alista
Analysis time: 55.2s
Engine: pi
Can be installed
No blocking action needed. Consider pinning better-sqlite3 and date-fns versions in package.json for supply-chain hygiene.

Security findings (2)

Severity | Finding | Category | Location
Low | Runtime dependencies use unpinned version ranges | Supply chain | package.json:11
  package.json declares better-sqlite3, date-fns, date-fns-tz, and zod with caret (^) ranges. While not malicious, unpinned versions allow a compromised package to be silently installed on reinstall.
  Evidence: "better-sqlite3": "^11.0.0"
  → Pin exact versions (e.g., "better-sqlite3": "11.7.0") to ensure reproducible installs
Low | shell:WRITE capability not declared in metadata block | Documentation mismatch | scripts/fetch-post.ts:84
  fetch-post.ts uses execFileSync to invoke ffmpeg/ffprobe for video frame extraction. While documented in SKILL.md prose, the YAML metadata block does not declare a shell:WRITE capability, creating a doc-code gap for the capability model.
  Evidence: execFileSync('ffmpeg', ['-ss', timestamp, '-i', videoUrl, ...])
  → Add shell:WRITE to the metadata block if video frame extraction is considered shell access
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Consistent | db.ts: reads migrations from __dirname; getDb(): creates/opens alista.db
Network access | READ | READ | ✓ Consistent | metadata-fetcher.ts: apify.com, instagram.com, tiktok.com; place-verifier.ts: plac…
Command execution | NONE | WRITE | ✓ Consistent | fetch-post.ts:84-89: execFileSync('ffmpeg'/'ffprobe'), necessary for video fram…
Pre-scan pattern findings: 12 (2 high)

Severity | Pattern | Description | Match | Location
High | API key | Suspected hardcoded credential | API_KEY="your-google-places-key" | README.md:41
High | IP address | Hardcoded IP address | 120.0.0.0 | scripts/lib/metadata-fetcher.ts:204
Medium | External URL | External URL | https://console.cloud.google.com/apis/library/places-backend.googleapis.com | README.md:48
Medium | External URL | External URL | https://console.apify.com/ | README.md:49
Medium | External URL | External URL | https://www.instagram.com/reel/ABC123/ | README.md:60
Medium | External URL | External URL | https://opencollective.com/biome | package-lock.json:92
Medium | External URL | External URL | https://www.patreon.com/feross | package-lock.json:204
Medium | External URL | External URL | https://feross.org/support | package-lock.json:208
Medium | External URL | External URL | https://api.apify.com/v2/acts/$ | scripts/lib/metadata-fetcher.ts:47
Medium | External URL | External URL | https://www.instagram.com/$ | scripts/lib/metadata-fetcher.ts:53
Medium | External URL | External URL | https://www.tiktok.com/oembed?url=$ | scripts/lib/metadata-fetcher.ts:326
Medium | External URL | External URL | https://api.example.com/data | scripts/lib/utils/circuit-breaker.ts:35

Directory structure

22 files · 108.9 KB · 3955 lines
TypeScript 16f · 2965L JSON 3f · 663L Markdown 2f · 258L SQL 1f · 69L
├─ 📁 migrations
│ └─ 📄 001-initial.sql SQL 69L · 2.3 KB
├─ 📁 scripts
│ ├─ 📁 lib
│ │ ├─ 📁 utils
│ │ │ ├─ 📜 circuit-breaker.ts TypeScript 172L · 4.1 KB
│ │ │ ├─ 📜 html.ts TypeScript 67L · 2.0 KB
│ │ │ ├─ 📜 index.ts TypeScript 15L · 477 B
│ │ │ ├─ 📜 retry.ts TypeScript 150L · 3.7 KB
│ │ │ ├─ 📜 text.ts TypeScript 140L · 4.0 KB
│ │ │ └─ 📜 url-normalizer.ts TypeScript 71L · 2.0 KB
│ │ ├─ 📜 db.ts TypeScript 504L · 15.4 KB
│ │ ├─ 📜 metadata-fetcher.ts TypeScript 491L · 14.8 KB
│ │ ├─ 📜 nudge-scorer.ts TypeScript 87L · 2.5 KB
│ │ ├─ 📜 place-verifier.ts TypeScript 446L · 12.8 KB
│ │ └─ 📜 types.ts TypeScript 302L · 8.8 KB
│ ├─ 📜 fetch-post.ts TypeScript 191L · 6.0 KB
│ ├─ 📜 lookup-place.ts TypeScript 53L · 1.3 KB
│ ├─ 📜 nudge.ts TypeScript 66L · 1.3 KB
│ ├─ 📜 save-place.ts TypeScript 114L · 2.7 KB
│ └─ 📜 search-places.ts TypeScript 96L · 1.8 KB
├─ 📋 package-lock.json JSON 626L · 12.4 KB
├─ 📋 package.json JSON 23L · 558 B
├─ 📝 README.md Markdown 131L · 4.8 KB
├─ 📝 SKILL.md Markdown 127L · 5.0 KB
└─ 📋 tsconfig.json JSON 14L · 289 B

Dependency analysis (4)

Package | Version | Source | Known vulnerabilities | Notes
better-sqlite3 | ^11.0.0 | npm | | Version not pinned; recommend exact pin
date-fns | ^4.1.0 | npm | | Version not pinned
date-fns-tz | ^3.2.0 | npm | | Version not pinned
zod | ^3.23.0 | npm | | Version not pinned

Security highlights

✓ No credential harvesting — API keys are read from env vars and used only for their intended APIs
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env file reads)
✓ No base64, eval, or obfuscation patterns
✓ No data exfiltration — all network calls go to declared, legitimate endpoints (Google Places, Apify, Instagram, TikTok CDN)
✓ No reverse shell, C2, or persistence mechanisms
✓ Image/video downloads are restricted to whitelisted CDN hostnames (cdninstagram.com, tiktokcdn.com, fbcdn.net, akamaized.net)
✓ Download and frame-extraction directories are sandboxed to CWD (path traversal check in fetch-post.ts)
✓ SQLite DB is local-only with WAL mode and foreign keys enforced
✓ Circuit breaker pattern protects against cascading API failures
✓ API keys are environment-variable-only, never hardcoded in source