Trusted — Risk Score 5/100
Last scan: 2 days ago
network-device-scanner
Scans the LAN for active devices and their open ports, and returns a formatted Markdown table
A legitimate network device scanner skill that performs local LAN scanning using standard tools (arp, ping, socket connections) with all capabilities properly declared in documentation.
Skill Name: network-device-scanner
Duration: 59.6s
Engine: pi
Safe to install
Skill is safe to use. No security concerns identified.

Findings (1 item)

Severity: Low
Finding: Hardcoded network range
Location: scripts/scan.py:18
Script uses a hardcoded 172.16.10.0/24 network range rather than dynamically detecting the current LAN subnet. This limits portability but does not pose a security risk.
NETWORK = "172.16.10.0/24"
→ Consider using ipcalc or reading the local network configuration to dynamically determine the subnet.
Resource Declared Inferred Status Evidence
Filesystem READ READ ✓ Aligned scan.py:48-57 reads /proc/net/arp
Network READ_WRITE READ_WRITE ✓ Aligned scan.py:111-116 socket port scanning
Shell WRITE WRITE ✓ Aligned scan.py:33-34 subprocess arp/fping commands
Environment NONE READ ✓ Aligned scan.py:158 reads SCAN_EXTRA_IPS env var

File Tree

4 files · 17.0 KB · 585 lines
Python 1f · 294L JavaScript 1f · 224L Markdown 1f · 61L Text 1f · 6L
├─ 📁 scripts
│ ├─ 📜 scan.cjs JavaScript 224L · 5.9 KB
│ └─ 🐍 scan.py Python 294L · 8.8 KB
├─ 📄 result.txt Text 6L · 301 B
└─ 📝 SKILL.md Markdown 61L · 2.0 KB

Security Positives

✓ All shell commands (arp, fping, nmap, ping) are declared in SKILL.md
✓ No credential harvesting or sensitive file access
✓ No data exfiltration to external IPs
✓ No base64/eval/atob code execution patterns
✓ Port scanning is limited to predefined common ports (21,22,23,53,80,135,139,443,445,554,8000,8080,8443,9000,37777)
✓ Network operations scoped to local subnet only
✓ Python and JS implementations are consistent in behavior
✓ Timeout protection on all subprocess calls