Skill Trust Decision

odds-movement-monitor

The skill works as intended but has a serious security problem: a hard-coded third-party API key, which could lead to credential abuse.

Source: ClawHub · Scanned: Apr 11, 2026
Files 10
Artifacts 4
Violations 2
Findings 4
Most direct threat evidence
01
User installs and activates the skill Entry · SKILL.md
02
The API key hard-coded in the source is exposed Escalation · payment.py
03
An attacker uses the exposed key to impersonate the author, incurring charges or consuming quota Impact · payment.py

Why this conclusion was reached

3/4 dimensions flagged
Block
Declared vs actual capability

2 undeclared or violating capabilities were inferred.

Block
Hidden execution and egress

1 high-risk artifact or egress signal was extracted.

Block
Attack chain and severe findings

The report includes 3 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

2 dependency or supply-chain issues need attention.

Attack Chain

01
User installs and activates the skill

Entry · SKILL.md:1

02
The API key hard-coded in the source is exposed

Escalation · payment.py:12

03
An attacker uses the exposed key to impersonate the author, incurring charges or consuming quota

Impact · payment.py:43

What drove the risk score up

Hard-coded third-party API key +35

payment.py:12 hard-codes the SkillPay API key; anyone with access to the code can use it

Incomplete documentation +15

SKILL.md does not explain how the API key is configured, so users cannot tell whether they need to supply their own key

Local database write +5

monitor.py creates a local SQLite database, odds_data.db, which the documentation does not declare

External network requests +5

Accesses skillpay.me and the-odds-api.com; necessary for the functionality but not adequately documented

Most important evidence

High Credential Theft

Hard-coded third-party API key

payment.py line 12 hard-codes the SkillPay API key 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2'. This means: 1) the key is visible to anyone with access to the code; 2) it could be abused to impersonate the skill author and incur charges; 3) it could consume the skill author's API quota.

payment.py:12
Read the API key from an environment variable instead: os.environ.get('SKILLPAY_API_KEY'), and document that the user must configure it
Medium Doc Mismatch

Undeclared local data storage

monitor.py creates a local SQLite database, odds_data.db, to store odds history, but SKILL.md does not mention this

monitor.py:35
Add a note on data storage to SKILL.md
Medium Doc Mismatch

Undeclared environment-variable dependencies

The code depends on the SKILLPAY_USER_ID and ODDS_API_KEY environment variables, but SKILL.md does not say so

payment.py:24
Document the required environment variables in SKILL.md
Low Supply Chain

Dependency versions not pinned

requirements.txt constrains aiohttp and requests with >=, which is a supply-chain risk

requirements.txt:1
Pin exact versions for reproducibility and security

Declared capability vs actual capability

Filesystem Block
Declared NONE
Inferred WRITE
monitor.py:35 creates the local SQLite database odds_data.db
Network Pass
Declared READ
Inferred READ+WRITE
payment.py:43 sends a POST request to skillpay.me to charge a payment
Shell Pass
Declared NONE
Inferred NONE
Environment Block
Declared NONE
Inferred READ
payment.py:11 reads SKILLPAY_USER_ID; payment.py:24 reads ODDS_API_KEY

Suspicious artifacts and egress

High API Key
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"

payment.py:12

Medium External URL
https://api.the-odds-api.com/v4

config.json:15

Medium External URL
https://the-odds-api.com/

monitor.py:527

Medium External URL
https://skillpay.me

payment.py:11

Dependencies and supply chain

Package    Version    Source   Known vuln   Notes
aiohttp    >=3.8.0    pip      No           No version pin
requests   >=2.28.0   pip      No           No version pin

File composition

10 files · 1699 lines
Python 5 files · 1432 lines
Markdown 2 files · 194 lines
JSON 2 files · 71 lines
Text 1 file · 2 lines
Files of concern · 4
config.json JSON · 49 lines
https://api.the-odds-api.com/v4
monitor.py Python · 597 lines
Undeclared local data storage · https://the-odds-api.com/
payment.py Python · 142 lines
Hard-coded third-party API key · Undeclared environment-variable dependencies · API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" · https://skillpay.me
requirements.txt Text · 2 lines
Dependency versions not pinned
Other files · change_detector.py · demo.py · README.md · SKILL.md · __init__.py · _meta.json

Security positives

Clear code structure with good modular design
Uses dataclass for structured data
Has async support (aiohttp)
Complete alerting and reporting functionality
Uses SQLite for storage, with no external database dependency