Low risk: risk score 20/100
Last scan: 2 days ago
minimax-usage-monitor
MiniMax Token Plan usage query and monitoring via web scraping with Playwright
Legitimate MiniMax usage monitor that performs declared web scraping with Playwright. Minor documentation gap: filesystem WRITE for logging is not declared.
Skill name: minimax-usage-monitor
Analysis time: 44.8s
Engine: pi
Verdict: can be installed
Document the filesystem WRITE usage (daily log file append) in SKILL.md. Consider pinning Playwright to an exact version, and committing a lockfile, so installs are reproducible.

Security findings (3)

Low: Undeclared filesystem WRITE permission (scripts/notify_usage.js:252)
SKILL.md declares filesystem:NONE, but notify_usage.js appends usage data to daily_usage.log. The logging works as intended but is not documented.
Evidence: fs.appendFileSync(logPath, logLine);
→ Add 'filesystem:WRITE' to the declared capabilities, or disable the log append in notify_usage.js.

Low: Unpinned Playwright dependency (scripts/package.json:14)
package.json uses ^1.40.0, which lets npm install any later 1.x release (minor or patch) rather than a fixed version, so two installs can resolve to different Playwright builds.
Evidence: "playwright": "^1.40.0"
→ Change to "playwright": "1.40.0" (or another exact version). Pinning in package.json alone does not give reproducible installs: commit the lockfile (package-lock.json), install with npm ci, and fetch the matching browser builds with npx playwright install.

Info: Pre-scan false positive, not an IP address (scripts/get_usage.js:43)
The IOC pre-scan flagged '120.0.0.0' at line 43 as a hardcoded IP. It is part of the Chrome user-agent string 'Chrome/120.0.0.0', not an IP address.
Evidence: userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
→ No action needed; this is a legitimate hardcoded user agent for web scraping.
Resource | Declared | Inferred | Status | Evidence
--- | --- | --- | --- | ---
Filesystem | NONE | WRITE | ✗ exceeds declaration | scripts/notify_usage.js:252 - fs.appendFileSync(logPath, logLine)
Network | READ | READ/WRITE | ✓ consistent | Web scraping (GET) and notification POSTs (Discord/Telegram/OpenClaw)
Command execution | NONE | NONE | ✓ consistent | No subprocess or shell execution found
Environment variables | READ | READ | ✓ consistent | .env reading for credentials is declared in SKILL.md
Browser | WRITE | WRITE | ✓ consistent | Playwright automation for web scraping declared in SKILL.md
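The "declared vs. inferred" comparison in the table above can be reproduced with a small static check. The code below is an added example, not part of the scanned skill or the scanner itself: it reads capability levels from an assumed `key: LEVEL` YAML frontmatter in SKILL.md, infers levels from regex evidence in the source files, and reports every resource whose inferred level exceeds the declared one. The sample SKILL.md and the sample notify_usage.js lines are constructed for illustration.

```javascript
// Added example, not part of the scanned skill: reproduce the "declared vs.
// inferred capability" check on constructed input. The frontmatter keys
// (filesystem/network/command/env) and the sample source lines are assumptions.

const LEVELS = ['NONE', 'READ', 'WRITE'];
const rank = (level) => LEVELS.indexOf(level);

// Source patterns and the minimum capability level each one implies.
const EVIDENCE = [
  { resource: 'filesystem', level: 'WRITE',
    re: /\bfs\.(?:promises\.)?(?:appendFile|writeFile|mkdir|rm|unlink)(?:Sync)?\(/ },
  { resource: 'filesystem', level: 'WRITE', re: /\bfs\.createWriteStream\(/ },
  { resource: 'filesystem', level: 'READ',
    re: /\bfs\.(?:promises\.)?(?:readFile|readdir|stat)(?:Sync)?\(/ },
  // Any outbound request counts as network READ, matching the table above.
  { resource: 'network', level: 'READ', re: /\b(?:fetch|axios\.\w+|https?\.(?:get|request))\(/ },
  { resource: 'command', level: 'WRITE', re: /\b(?:exec|execSync|execFile|spawn|spawnSync)\(/ },
  { resource: 'env', level: 'READ', re: /\bprocess\.env\b/ },
];

// Read "key: LEVEL" lines from the YAML frontmatter of SKILL.md (assumed format).
function parseDeclared(skillMd) {
  const declared = { filesystem: 'NONE', network: 'NONE', command: 'NONE', env: 'NONE' };
  const fm = skillMd.match(/^---\n([\s\S]*?)\n---/);
  if (!fm) return declared;
  for (const line of fm[1].split('\n')) {
    const m = line.match(/^\s*(filesystem|network|command|env):\s*(NONE|READ|WRITE)\s*$/);
    if (m) declared[m[1]] = m[2];
  }
  return declared;
}

// Walk every source line, record matching evidence, keep the highest level seen.
function inferFromSource(files) {
  const inferred = { filesystem: 'NONE', network: 'NONE', command: 'NONE', env: 'NONE' };
  const evidence = [];
  for (const { path, text } of files) {
    text.split('\n').forEach((line, i) => {
      for (const ev of EVIDENCE) {
        if (!ev.re.test(line)) continue;
        evidence.push({ resource: ev.resource, level: ev.level,
          location: `${path}:${i + 1}`, snippet: line.trim() });
        if (rank(ev.level) > rank(inferred[ev.resource])) inferred[ev.resource] = ev.level;
      }
    });
  }
  return { inferred, evidence };
}

// A violation is any resource whose inferred level exceeds the declared one.
function findViolations(skillMd, files) {
  const declared = parseDeclared(skillMd);
  const { inferred, evidence } = inferFromSource(files);
  return Object.keys(declared)
    .filter((r) => rank(inferred[r]) > rank(declared[r]))
    .map((r) => ({
      resource: r, declared: declared[r], inferred: inferred[r],
      evidence: evidence
        .filter((e) => e.resource === r && e.level === inferred[r])
        .map((e) => `${e.location} - ${e.snippet}`),
    }));
}

// Constructed sample input modelled on the finding above (not the skill's real files).
const SAMPLE_SKILL_MD = ['---', 'name: minimax-usage-monitor', 'filesystem: NONE',
  'network: READ', 'env: READ', 'command: NONE', '---', '# minimax-usage-monitor'].join('\n');

const SAMPLE_FILES = [{
  path: 'scripts/notify_usage.js',
  text: [
    "const fs = require('node:fs');",
    'const webhook = process.env.DISCORD_WEBHOOK_URL;',
    'const logLine = `${new Date().toISOString()} ${JSON.stringify(usage)}\\n`;',
    'fs.appendFileSync(logPath, logLine);',
    "await fetch(webhook, { method: 'POST', body: JSON.stringify(payload) });",
  ].join('\n'),
}];

console.log(JSON.stringify(findViolations(SAMPLE_SKILL_MD, SAMPLE_FILES), null, 2));
```

On the constructed input this reports a single violation, filesystem declared NONE but inferred WRITE, with the `fs.appendFileSync` line as evidence, while the `fetch` POST stays within the declared network READ. A stricter policy could map POST-style calls to network WRITE, which would then also flag the notification webhooks.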
IOC pre-scan: 9 findings (1 high)

Severity | Type | Value | Location
--- | --- | --- | ---
High | Hardcoded IP address | 120.0.0.0 | scripts/get_usage.js:43 (false positive: version token in the Chrome user agent, see the Info finding above)
Medium | External URL | https://discord.com/api/webhooks/... | SKILL.md:59
Medium | External URL | https://npmmirror.com/mirrors | references/setup.en.md:35
Medium | External URL | https://discord.com/api/webhooks/xxxxx/yyyyy | references/setup.en.md:102
Medium | External URL | https://api.telegram.org/bot | references/setup.en.md:108
Medium | External URL | https://platform.minimaxi.com/login | references/troubleshooting.md:19
Medium | External URL | https://platform.minimaxi.com/user-center/payment/token-plan | references/troubleshooting.md:113
Medium | External URL | https://discord.com | scripts/notify_usage.js:221
Medium | External URL | https://api.telegram.org/bot$ | scripts/notify_usage.js:233
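The pre-scan above is a plain pattern match, which is why a version token such as `Chrome/120.0.0.0` is reported as a high-severity IP. The following is an added example, not code from the scanner or the skill, of the same IOC extraction with two refinements a reviewer would want: an IPv4 match is downgraded to a version string when a `Name/` product token sits immediately before it (and rejected outright when an octet exceeds 255), and each URL's host is checked against the hosts the skill declares. The sample files, the `10.0.0.5` address and the allowlist are constructed; the severity mapping (declared host medium, undeclared host high) is a choice made here.

```javascript
// Added example, not part of the scanned skill or the scanner: IOC pre-scan
// with version-string suppression and a declared-host allowlist.

const IPV4 = /\b(?:\d{1,3}\.){3}\d{1,3}\b/g;
const URL_RE = /https?:\/\/[^\s'"`)<>]+/g;
// A "Name/" token immediately before the digits marks a version, not an address.
const VERSION_TOKEN = /[A-Za-z][\w.-]*\/$/;

function lineOf(text, index) {
  return text.slice(0, index).split('\n').length;
}

// Decide whether a dotted quad is a real address, a version string, or invalid.
function classifyIp(text, index, value) {
  if (value.split('.').some((octet) => Number(octet) > 255)) return 'not-an-ip';
  const before = text.slice(Math.max(0, index - 32), index);
  if (VERSION_TOKEN.test(before)) return 'version-string';
  return 'hardcoded-ip';
}

// Compare the URL host with the hosts the skill declares (allowlist is constructed).
function classifyUrl(url, allowedHosts) {
  let host;
  try { host = new URL(url).hostname; } catch { return 'unparseable'; }
  return allowedHosts.has(host) ? 'declared-host' : 'undeclared-host';
}

function scanFile(path, text, allowedHosts) {
  const findings = [];
  for (const m of text.matchAll(IPV4)) {
    const verdict = classifyIp(text, m.index, m[0]);
    findings.push({ type: 'ip', value: m[0], location: `${path}:${lineOf(text, m.index)}`,
      severity: verdict === 'hardcoded-ip' ? 'high' : 'info', verdict });
  }
  for (const m of text.matchAll(URL_RE)) {
    const verdict = classifyUrl(m[0], allowedHosts);
    findings.push({ type: 'url', value: m[0], location: `${path}:${lineOf(text, m.index)}`,
      severity: verdict === 'declared-host' ? 'medium' : 'high', verdict });
  }
  return findings;
}

function scanAll(files, allowedHosts) {
  return files.flatMap((f) => scanFile(f.path, f.text, allowedHosts));
}

// Hosts named in the report above; in a real scan these come from SKILL.md.
const ALLOWED_HOSTS = new Set(['platform.minimaxi.com', 'discord.com', 'api.telegram.org']);

// Constructed sample files (not the skill's real sources).
const IOC_SAMPLE_FILES = [
  { path: 'scripts/get_usage.js', text: [
    'const context = await browser.newContext({',
    "  userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',",
    '});',
  ].join('\n') },
  { path: 'scripts/notify_usage.js', text: [
    "const DISCORD_ALLOWED_HOST = 'https://discord.com';",
    'const telegramUrl = `https://api.telegram.org/bot${token}/sendMessage`;',
    "const fallback = 'http://10.0.0.5:8080/health'; // constructed: a genuine hardcoded IP for contrast",
  ].join('\n') },
];

console.log(JSON.stringify(scanAll(IOC_SAMPLE_FILES, ALLOWED_HOSTS), null, 2));
```

Run against the constructed files, `120.0.0.0` comes out as an info-level version string rather than a high-severity IP, the Discord and Telegram URLs are medium findings on declared hosts, and only the constructed `10.0.0.5` address (and the URL built on it) is reported as high.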

Directory structure

9 files · 48.4 KB · 1574 lines
Markdown: 6 files · 1042 lines; JavaScript: 2 files · 514 lines; JSON: 1 file · 18 lines
├─ 📁 references
│ ├─ 📝 cron-guide.en.md Markdown 108L · 3.0 KB
│ ├─ 📝 cron-guide.zh.md Markdown 135L · 3.9 KB
│ ├─ 📝 setup.en.md Markdown 166L · 3.6 KB
│ ├─ 📝 setup.zh.md Markdown 165L · 3.8 KB
│ └─ 📝 troubleshooting.md Markdown 222L · 7.0 KB
├─ 📁 scripts
│ ├─ 📜 get_usage.js JavaScript 244L · 8.3 KB
│ ├─ 📜 notify_usage.js JavaScript 270L · 9.9 KB
│ └─ 📋 package.json JSON 18L · 514 B
└─ 📝 SKILL.md Markdown 246L · 8.4 KB

Dependency analysis (1)

Package | Version | Source | Known vulnerabilities | Notes
--- | --- | --- | --- | ---
playwright | ^1.40.0 | npm | none listed | Version not pinned; minor risk only

Security highlights

✓ No credential exfiltration detected - credentials only used for MiniMax login
✓ No remote code execution or shell injection vectors
✓ No base64/eval obfuscation or hidden payloads
✓ No access to sensitive paths (~/.ssh, ~/.aws, or .env files beyond the skill's own declared credential file)
✓ No curl|bash or wget|sh remote script execution
✓ Environment variable reading is properly declared in SKILL.md
✓ Network requests are limited to declared MiniMax platform and notification channels
✓ .env.example is properly excluded from packaging via .clawhubignore