扫描报告
20 /100
Tech News
提供AI、硬核硬件、开源动向及前沿技术深度解析 (described) | Local services discovery platform (actual)
Skill contains only documentation with no executable code. A doc deception issue exists where the 'Tech News' title doesn't match the local services discovery functionality described, but no malicious behavior is present.
可以安装
Review SKILL.md for accurate description alignment. The stated 'Tech News' name and description contradict the actual local services discovery content. No action required for security, but documentation should be corrected for clarity.
安全发现 1 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | SKILL.md title and description do not match content 文档欺骗 | SKILL.md:1 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file operations found - only markdown documentation exists |
| 网络访问 | NONE | NONE | — | No network requests in skill |
| 命令执行 | NONE | NONE | — | No shell commands in skill |
| 环境变量 | NONE | NONE | — | No environment access in skill |
| 技能调用 | NONE | NONE | — | No skill invocation in skill |
| 剪贴板 | NONE | NONE | — | No clipboard access in skill |
| 浏览器 | NONE | NONE | — | No browser automation in skill |
| 数据库 | NONE | NONE | — | No database access in skill |
目录结构
1 文件 · 822 B · 26 行 Markdown 1f · 26L
└─
SKILL.md
Markdown
安全亮点
✓ No executable code present - only documentation
✓ No suspicious imports (subprocess, os, requests, etc.)
✓ No credential harvesting or environment variable access
✓ No network requests or data exfiltration paths
✓ No obfuscated code or base64 payloads
✓ No dependency files that could introduce supply chain risks
✓ No sensitive file access patterns detected