中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 0/100
Last scan:1 day ago Rescan
0 /100
privy-integration
Integrate Privy authentication and wallet infrastructure into web and mobile apps
Documentation-only skill providing legitimate Privy authentication/wallet SDK integration guides with no malicious behavior detected.
Skill Nameprivy-integration
Duration35.7s
Enginepi
Safe to install
This skill is safe to use. It contains only markdown documentation for the legitimate Privy.io product.

Findings 2 items

Severity Finding Location
Info
Pre-scan flag: Base64 Buffer usage Doc Mismatch
solana.md:345 contains `Buffer.from(serialized, 'base64')` which was flagged as CRITICAL by pre-scan. This is legitimate code within a documentation example showing standard Solana transaction deserialization (Transaction.from(Buffer.from(serialized, 'base64'))). This is normal development practice for handling base64-encoded transactions, not obfuscation.
const transaction = Transaction.from(Buffer.from(serialized, 'base64'));
→ This is legitimate documentation of standard Solana development patterns. Not a security concern.
 references/solana.md:345
Info
Pre-scan flag: Hardcoded IPs Doc Mismatch
server-sdk.md:329 lists IPs (44.228.126.217, 50.112.21.217, 52.24.126.164, 54.148.139.208) flagged as HIGH. These are documented webhook delivery static IPs from Privy's Svix integration, clearly labeled 'Static IPs for allowlisting'. This is legitimate infrastructure documentation.
Static IPs for allowlisting: `44.228.126.217`, `50.112.21.217`, `52.24.126.164`, `54.148.139.208`
→ This is legitimate documentation of Privy's webhook delivery infrastructure for IP allowlisting.
 references/server-sdk.md:329
ResourceDeclaredInferredStatusEvidence
Filesystem NONE NONE No file operations in documentation
Network NONE NONE Only references external URLs for documentation links
Shell NONE NONE No shell commands in documentation
Environment NONE NONE No environment access in documentation
Skill Invoke NONE NONE No skill invocation patterns
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database NONE NONE No database access
1 Critical 4 High 67 findings
🔒
Critical Encoded Execution Base64 编码执行(代码混淆)
Buffer.from(serialized, 'base64'
references/solana.md:345
📡
High IP Address 硬编码 IP 地址
44.228.126.217
references/server-sdk.md:329
📡
High IP Address 硬编码 IP 地址
50.112.21.217
references/server-sdk.md:329
📡
High IP Address 硬编码 IP 地址
52.24.126.164
references/server-sdk.md:329
📡
High IP Address 硬编码 IP 地址
54.148.139.208
references/server-sdk.md:329
🔗
Medium External URL 外部 URL
https://www.apache.org/licenses/
LICENSE.txt:3
🔗
Medium External URL 外部 URL
https://docs.privy.io/llms.txt
SKILL.md:19
🔗
Medium External URL 外部 URL
https://your-logo.png
SKILL.md:109
🔗
Medium External URL 外部 URL
https://api.mainnet-beta.solana.com
SKILL.md:121
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/setup
SKILL.md:210
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/quickstart
SKILL.md:211
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/overview
SKILL.md:212
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/user-authentication/whitelabel
SKILL.md:213
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/user-authentication/tokens
SKILL.md:214
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/overview
SKILL.md:215
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/connectors/ethereum/integrations/wagmi
SKILL.md:216
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/connectors/ethereum/integrations/viem
SKILL.md:217
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/using-wallets/evm-smart-wallets/overview
SKILL.md:218
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/using-wallets/evm-smart-wallets/setup/configuring-sdk
SKILL.md:219
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/gas-and-asset-management/gas/overview
SKILL.md:220
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/gas-and-asset-management/gas/ethereum
SKILL.md:221
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/gas-and-asset-management/gas/solana
SKILL.md:222
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/nodeJS/quickstart
SKILL.md:223
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/solana/getting-started-with-privy-and-solana
SKILL.md:224
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/connectors/overview
SKILL.md:225
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/user-authentication/custom-auth
SKILL.md:226
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/webhooks/overview
SKILL.md:227
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/global-wallets/overview
references/react-sdk.md:537
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/features
references/react-sdk.md:554
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/appearance
references/react-sdk.md:558
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/evm-networks
references/react-sdk.md:559
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/solana-networks
references/react-sdk.md:560
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react/migration-v3
references/react-sdk.md:561
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/react/eip-7702
references/react-sdk.md:563
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/react-native/setup
references/react-sdk.md:564
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/nodeJS/migration
references/server-sdk.md:32
🔗
Medium External URL 外部 URL
https://auth.privy.io/api/v1
references/server-sdk.md:333
🔗
Medium External URL 外部 URL
https://docs.privy.io/api-reference
references/server-sdk.md:353
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/nodeJS/setup
references/server-sdk.md:394
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/nodeJS/key-concepts
references/server-sdk.md:397
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/python/quickstart
references/server-sdk.md:398
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/go/quickstart
references/server-sdk.md:399
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/rust/quickstart
references/server-sdk.md:400
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/java/quickstart
references/server-sdk.md:401
🔗
Medium External URL 外部 URL
https://docs.privy.io/basics/rest-api/quickstart
references/server-sdk.md:402
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/user-authentication/access-tokens
references/server-sdk.md:403
🔗
Medium External URL 外部 URL
https://docs.privy.io/authentication/user-authentication/identity-tokens
references/server-sdk.md:404
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/solana/sending-spl-tokens
references/solana.md:421
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/solana/sending-sol
references/solana.md:422
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/solana/solana-standard-wallets
references/solana.md:423
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/solana/solana-mobile-wallet-adapter
references/solana.md:424
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/connectors/solana/solana-kit
references/solana.md:425
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/connectors/solana/solana-web3js
references/solana.md:426
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/react-native/deeplinking-solana-wallets
references/solana.md:429
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/gas-sponsorship/custom-rate-limits
references/wallets.md:335
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/using-wallets/signers/overview
references/wallets.md:362
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/gas-and-asset-management/funding/overview
references/wallets.md:377
🔗
Medium External URL 外部 URL
https://docs.privy.io/recipes/wallets/hd-wallets
references/wallets.md:408
🔗
Medium External URL 外部 URL
https://docs.privy.io/security/wallet-infrastructure/architecture
references/wallets.md:445
🔗
Medium External URL 外部 URL
https://docs.privy.io/security/wallet-infrastructure/secure-enclaves
references/wallets.md:446
🔗
Medium External URL 外部 URL
https://docs.privy.io/security/threat-models
references/wallets.md:447
🔗
Medium External URL 外部 URL
https://docs.privy.io/security/implementation-guide/security-checklist
references/wallets.md:448
🔗
Medium External URL 外部 URL
https://docs.privy.io/security/csp
references/wallets.md:449
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/embedded-wallets/create
references/wallets.md:455
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/using-wallets/evm-smart-wallets/setup/configuring-dashboard
references/wallets.md:458
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/policies/overview
references/wallets.md:463
🔗
Medium External URL 外部 URL
https://docs.privy.io/wallets/transaction-management/overview
references/wallets.md:466

File Tree

6 files · 68.0 KB · 2254 lines
Markdown 5f · 2092L Text 1f · 162L
├─ 📁 references
│ ├─ 📝 react-sdk.md Markdown 565L · 15.0 KB
│ ├─ 📝 server-sdk.md Markdown 405L · 10.2 KB
│ ├─ 📝 solana.md Markdown 429L · 12.1 KB
│ └─ 📝 wallets.md Markdown 466L · 13.6 KB
├─ 📄 LICENSE.txt Text 162L · 8.9 KB
└─ 📝 SKILL.md Markdown 227L · 8.1 KB

Security Positives

✓ Documentation-only skill with no executable code
✓ All capabilities properly declared as NONE
✓ References official Privy.io SDK packages (@privy-io/react-auth, @privy-io/node)
✓ Clear documentation structure with SKILL.md as main entry point
✓ Licensed under Apache 2.0 - permissive open source license
✓ Pre-scan 'issues' are false positives: base64 Buffer is standard Solana dev practice, IPs are documented webhook endpoints