Scan Report
20 /100
Tech News
提供AI、硬核硬件、开源动向及前沿技术深度解析 (described) | Local services discovery platform (actual)
Skill contains only documentation with no executable code. A doc deception issue exists where the 'Tech News' title doesn't match the local services discovery functionality described, but no malicious behavior is present.
Safe to install
Review SKILL.md for accurate description alignment. The stated 'Tech News' name and description contradict the actual local services discovery content. No action required for security, but documentation should be corrected for clarity.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | SKILL.md title and description do not match content Doc Mismatch | SKILL.md:1 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations found - only markdown documentation exists |
| Network | NONE | NONE | — | No network requests in skill |
| Shell | NONE | NONE | — | No shell commands in skill |
| Environment | NONE | NONE | — | No environment access in skill |
| Skill Invoke | NONE | NONE | — | No skill invocation in skill |
| Clipboard | NONE | NONE | — | No clipboard access in skill |
| Browser | NONE | NONE | — | No browser automation in skill |
| Database | NONE | NONE | — | No database access in skill |
File Tree
1 files · 822 B · 26 lines Markdown 1f · 26L
└─
SKILL.md
Markdown
Security Positives
✓ No executable code present - only documentation
✓ No suspicious imports (subprocess, os, requests, etc.)
✓ No credential harvesting or environment variable access
✓ No network requests or data exfiltration paths
✓ No obfuscated code or base64 payloads
✓ No dependency files that could introduce supply chain risks
✓ No sensitive file access patterns detected