Skill Trust Decision

clawhub-security-scan

Name: clawhub-security-scan Trust Review Report
Item: clawhub-security-scan
Rating: 60
Author: ClawSafe

安全扫描工具存在未声明的系统交互和硬编码凭证示例，意图看似良性但代码质量存在问题

Install decision first Source: ClawHub Scanned: Apr 3, 2026

Files 5

Artifacts 2

Violations 3

Findings 4

Most direct threat evidence

Why this conclusion was reached

2/4 dimensions flagged

Block

Declared vs actual capability

3 undeclared or violating capabilities were inferred.

Block

Hidden execution and egress

1 high-risk artifacts or egress signals were extracted.

Pass

Attack chain and severe findings

There is no explicit malicious chain in the report.

Review

Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

未声明的网络请求 +15

代码使用urllib调用skillpay.me API但SKILL.md未声明

未声明的环境变量访问 +10

代码读取SKILLPAY_API_KEY但文档未提及

subprocess模块使用未声明 +5

代码导入subprocess用于模式检测但文档未提及

代码包含硬编码凭证示例 +10

review.py:24 包含示例凭证文本'secretkeyhere123'

Most important evidence

Medium

未声明的网络外部通信

代码通过urllib向skillpay.me API发送计费请求，但SKILL.md未声明此外部通信行为

scripts/scan.py:22

在SKILL.md中明确声明：本技能会调用skillpay.me API进行计费

Medium

未声明的环境变量访问

代码读取SKILLPAY_API_KEY环境变量用于API认证，但SKILL.md未声明此环境变量依赖

scripts/scan.py:43

在SKILL.md中声明：本技能需要SKILLPAY_API_KEY环境变量

Low

代码包含凭证示例文本

review.py文档字符串中包含'secretkeyhere123'作为反面教材示例，虽非真实密钥但属不良实践

scripts/review.py:24

移除代码中的凭证示例，改用占位符如'<YOUR_API_KEY>'

Low

MEDIUM_RISK_PATTERNS覆盖自身

代码的高危模式列表(eval/exec/subprocess等)会触发自身扫描结果，用户运行扫描时可能看到误报

scripts/scan.py:56

在扫描时自动排除scripts/目录自身，或在文档中说明扫描工具自身会被标记

Declared capability vs actual capability

Filesystem Block

Declared NONE

→

Inferred READ

scripts/scan.py:scan_file() 逐行读取目标文件

Network Block

Declared NONE

→

Inferred READ

scripts/scan.py:skillpay_charge() 调用skillpay.me API

Environment Block

Declared NONE

→

Inferred READ

scripts/scan.py:43 读取SKILLPAY_API_KEY

Shell Pass

Declared NONE

→

Inferred READ

scripts/scan.py:import subprocess 仅用于检测模式，非实际执行

Suspicious artifacts and egress

High API Key

api_key = "secretkeyhere123"

scripts/review.py:24

Medium External URL

https://skillpay.me/api/v1

scripts/precheck.py:24

Dependencies and supply chain

There are no structured dependency warnings.

File composition

5 files · 847 lines

Python 3 files · 769 linesMarkdown 1 files · 73 linesJSON 1 files · 5 lines

Files of concern · 3

scripts/scan.py Python · 472 lines

未声明的网络外部通信 · 未声明的环境变量访问 · MEDIUM_RISK_PATTERNS覆盖自身

scripts/precheck.py Python · 196 lines

https://skillpay.me/api/v1

scripts/review.py Python · 101 lines

代码包含凭证示例文本 · api_key = "secretkeyhere123"

Other files · SKILL.md · _meta.json

Security positives

功能看似良性：提供代码安全扫描服务

使用标准库实现，无第三方依赖风险

无实际恶意行为（无凭证外泄、无远程代码执行）

代码结构清晰，意图是帮助开发者而非攻击

高危模式检测逻辑合理，包含常见CVE模式