High Risk — Risk Score 65/100
Last scan: 1 day ago
stremio-cli
Stremio automation via browser + Torrentio on Mac Mini
SKILL.md explicitly claims the main script is 'legacy and not used', but it is fully functional code that performs undeclared shell execution via subprocess.Popen.
Skill Name: stremio-cli
Duration: 34.2s
Engine: pi
Do not install this skill
Do not use this skill. The documentation contains a direct lie about the script being unused while the code executes shell commands. SKILL.md requires a complete rewrite so that it accurately reflects the script's actual capabilities.

Attack Chain (4 steps)

1. Entry: Skill presented as safe browser automation tool in SKILL.md (SKILL.md:1)
2. Escalation: False statement claims script is 'not used' to hide true capabilities (SKILL.md:15)
3. Escalation: Full-featured Python script with browser + shell execution is actually deployed (scripts/stremio_cast.py:1)
4. Escalation: subprocess.Popen executes 'catt cast' shell command with captured stream URL (scripts/stremio_cast.py:67)

Findings (4 items)

[High] Explicit false statement about script status (Doc Mismatch)
SKILL.md line 15 states 'The script in scripts/stremio_cast.py is Portuguese/legacy and not used — we rely on the built-in browser tool instead.' This is demonstrably false. The script is fully functional Python code with complete automation logic including browser control, stream URL interception, and shell command execution.
Evidence: The script in `scripts/stremio_cast.py` is Portuguese/legacy and not used — we rely on the built-in browser tool instead.
→ Remove this false statement. Either use the script and declare its capabilities, or remove it entirely.
Location: SKILL.md:15

[High] Undeclared shell command execution via subprocess (RCE)
The script executes the 'catt cast' command via subprocess.Popen without any declaration in SKILL.md. This constitutes a shell:WRITE capability that was never disclosed to the user.
Evidence: subprocess.Popen(['catt', '-d', device, 'cast', stream_url])
→ Declare shell:WRITE capability if this execution is intentional and necessary.
Location: scripts/stremio_cast.py:67

[Medium] Suspicious hardcoded streaming server URL (Sensitive Access)
The URL contains a local network IP address (192.168.15.162) disguised as a subdomain of stremio.rocks. This could indicate a man-in-the-middle setup or a custom streaming server.
Evidence: stremio_url = "https://app.strem.io/shell-v4.4/?streamingServer=https%3A%2F%2F192-168-15-162.519b6502d940.stremio.rocks%3A12470#/"
→ Verify this is a legitimate Stremio streaming server. If it's a custom server, this should be disclosed.
Location: scripts/stremio_cast.py:10
[Low] Potential injection via unsanitized stream URL (RCE)
The stream_url variable is captured from network request interception and passed directly as an argument to an external command. Because Popen receives an argument list rather than shell=True, the value is not parsed by a shell, but it is still untrusted input handed to catt without any validation.
Evidence: subprocess.Popen(['catt', '-d', device, 'cast', stream_url])
→ Validate and sanitize stream_url before passing it to the external command.
Location: scripts/stremio_cast.py:67
Resource    Declared  Inferred  Status       Evidence
Filesystem  NONE      NONE                   No file operations in script
Network     NONE      READ      ✓ Aligned    scripts/stremio_cast.py:10 - Makes HTTP requests to external Stremio service
Shell       NONE      WRITE     ✗ Violation  scripts/stremio_cast.py:67 - subprocess.Popen(['catt', '-d', device, 'cast', str…
Browser     READ      READ      ✓ Aligned    Playwright browser automation is declared and used
External URLs and Emails (2 findings)

[Medium] External URL
https://app.strem.io/shell-v4.4/?streamingServer=https%3A%2F%2F192-168-15-162.519b6502d940.stremio.rocks%3A12470#/
Location: scripts/stremio_cast.py:10

[Info] Email
[email protected]
Location: SKILL.md:12

File Tree

3 files · 5.3 KB · 135 lines
Python: 1 file · 88 lines; Markdown: 1 file · 42 lines; JSON: 1 file · 5 lines
├─ 📁 scripts
│ └─ 🐍 stremio_cast.py Python 88L · 3.6 KB
├─ 📋 _meta.json JSON 5L · 130 B
└─ 📝 SKILL.md Markdown 42L · 1.5 KB

Security Positives

✓ Browser automation via Playwright is properly declared in SKILL.md
✓ No credential harvesting or exfiltration logic observed
✓ Script appears to be legitimate Stremio automation functionality