中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:2 days ago Rescan
5 /100
my-computer
Desktop automation agent using CLI commands, application scripting, and intelligent automation for local machine operations
A legitimate desktop automation skill with well-documented file operations, system utilities, and cloud integrations. All capabilities are properly declared with appropriate safety tiers.
Skill Namemy-computer
Duration36.8s
Enginepi
Safe to install
Skill is safe to use. Follow the documented permission tiers and confirm destructive operations as instructed.

Findings 2 items

Severity Finding Location
Low
Hardcoded IP in documentation
The SKILL.md references 8.8.8.8 in a ping diagnostic example. This is a standard network connectivity check and presents no security risk.
ping -c 3 8.8.8.8
→ No action needed - standard diagnostic practice
 SKILL.md:389
Low
External DTD reference
SKILL.md references Apple's PropertyList DTD URL for documentation purposes. No network request occurs.
http://www.apple.com/DTDs/PropertyList-1.0.dtd
→ No action needed - reference only
 SKILL.md:304
ResourceDeclaredInferredStatusEvidence
Filesystem WRITE WRITE ✓ Aligned SKILL.md: Full file ops declared
Shell WRITE WRITE ✓ Aligned SKILL.md: CLI commands declared
Network READ READ ✓ Aligned SKILL.md: Cloud integrations declared
Environment READ READ ✓ Aligned SKILL.md: Tool detection declared
1 High 6 findings
📡
High IP Address 硬编码 IP 地址
8.8.8.8
SKILL.md:389
🔗
Medium External URL 外部 URL
http://www.apple.com/DTDs/PropertyList-1.0.dtd
SKILL.md:304
🔗
Medium External URL 外部 URL
https://slack.com/api/files.upload
references/app-automation.md:109
📧
Info Email 邮箱地址
[email protected]
SKILL.md:287
📧
Info Email 邮箱地址
[email protected]
references/app-automation.md:69
📧
Info Email 邮箱地址
[email protected]
references/app-automation.md:70

File Tree

8 files · 72.6 KB · 2185 lines
Markdown 3f · 1135L Shell 5f · 1050L
├─ 📁 references
│ ├─ 📝 app-automation.md Markdown 407L · 10.3 KB
│ └─ 📝 platform-guide.md Markdown 241L · 7.6 KB
├─ 📁 scripts
│ ├─ 🔧 batch_executor.sh Shell 277L · 8.4 KB
│ ├─ 🔧 batch_preview.sh Shell 151L · 5.0 KB
│ ├─ 🔧 disk_report.sh Shell 228L · 10.5 KB
│ ├─ 🔧 find_duplicates.sh Shell 248L · 7.6 KB
│ └─ 🔧 undo_operation.sh Shell 146L · 4.9 KB
└─ 📝 SKILL.md Markdown 487L · 18.3 KB

Security Positives

✓ Comprehensive safety system with Green/Yellow/Red permission tiers
✓ Manifest-based undo system for all batch operations
✓ Dry-run previews required for operations affecting >10 files
✓ All destructive operations require explicit user confirmation
✓ Sensitive files (SSH keys, .env, credentials) explicitly excluded
✓ Clear documentation of all capabilities and their scope
✓ No obfuscation, base64 encoding, or hidden execution paths
✓ Standard CLI tools only - no custom binaries or downloaded scripts
✓ Proper error handling with manifest logging
✓ Cloud integrations are standard APIs with environment variable tokens