Low Risk — Risk Score 5/100
Last scan: 1 day ago
zhongjie
中介哥 — AI real estate consultant assistant for Chinese homebuyers
Legitimate real estate agent assistant skill with benign web scraping and data management functionality; pre-scan IOC false positives do not represent actual threats.
Skill Name: zhongjie
Duration: 43.7s
Engine: pi
Safe to install
Skill is safe to use. No action required. The pre-scan flagged browser version numbers in User-Agent strings as IP addresses — a false positive. Ensure playwright dependency is from a trusted source when installing.

Findings (3 items)

[Info] PROJECT_ROOT environment variable dependency (Sensitive Access) at scripts/server.py:74
  scripts/server.py and scripts/utils.py rely on a PROJECT_ROOT environment variable. If unset, they fall back to os.getcwd(). This is documented behavior and does not constitute a security risk.
  Evidence: PROJECT_ROOT = os.environ.get("PROJECT_ROOT", os.getcwd())
  → No action needed — behavior is intentional and documented in SKILL.md

[Info] Pre-scan false positive: browser version numbers misidentified as IP addresses (Obfuscation) at scripts/search_wechat.py:46
  The pre-scan IOC engine incorrectly matched Chrome/Firefox version strings (e.g., 'Chrome/123.0.0.0') in User-Agent arrays as hardcoded IP addresses. These are standard browser version identifiers carried in the rotated User-Agent strings used for scraping, not IP addresses pointing to external servers. No actual network connections to 123.0.0.0, 122.0.0.0, 124.0.0.0, or 131.0.0.0 are made.
  Evidence: "Mozilla/5.0 ... Chrome/123.0.0.0 Safari/537.36"
  → Dismiss as false positive; no security action required

[Info] Playwright browser automation not explicitly declared in SKILL.md (Doc Mismatch) at SKILL.md:231
  SKILL.md mentions that --fetch-content 'uses Playwright to scrape article content' but does not explicitly declare the allowed-tool mapping for browser automation. The tool is used legitimately for WeChat content scraping and is referenced in the SKILL.md search tools section. This is a minor documentation gap, not a security violation.
  Evidence: --fetch-content uses a headless Playwright browser to fetch the article body
  → Consider adding browser:READ to declared capabilities in SKILL.md for completeness
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | server.py: lines managing data/preferences.md, data/research.md, data/report.md, …
Network | READ | READ | ✓ Aligned | search_wechat.py: urllib requests to weixin.sogou.com and mp.weixin.qq.com; serv…
Shell | NONE | NONE | | No subprocess or shell execution found; only standard library HTTP/networking us…
Environment | NONE | READ | ✓ Aligned | server.py: reads PROJECT_ROOT env var; search_wechat.py: reads PROJECT_ROOT from…
Skill Invoke | NONE | NONE | | No skill-to-skill invocation detected
Clipboard | NONE | NONE | | No clipboard access found
Browser | NONE | NONE | | Browser accessed via Playwright for WeChat content scraping, but only as a searc…
Database | NONE | NONE | | No database access detected
Pre-scan IOC findings (21 items, 4 High)

Severity | Type | Value | Location
High | Hardcoded IP address | 123.0.0.0 | scripts/search_wechat.py:46
High | Hardcoded IP address | 122.0.0.0 | scripts/search_wechat.py:48
High | Hardcoded IP address | 124.0.0.0 | scripts/search_wechat.py:49
High | Hardcoded IP address | 131.0.0.0 | scripts/search_wechat.py:465
Medium | External URL | https://mp.weixin.qq.com/s/xxx | SKILL.md:221
Medium | External URL | https://tailwindcss.com | assets/dist/assets/index-D6Fv9-73.css:1
Medium | External URL | https://www.amap.com/search?query= | references/map_display.md:29
Medium | External URL | https://www.amap.com/around?query= | references/map_display.md:35
Medium | External URL | https://www.amap.com/search?query=绿城桂语兰庭&city=440300 | references/map_display.md:51
Medium | External URL | https://www.amap.com/search?query=拾悦城楠园&city=440300 | references/map_display.md:54
Medium | External URL | https://www.amap.com/around?query=学校&center=113.88 | references/map_display.md:60
Medium | External URL | https://www.amap.com/around?query=地铁站&center=113.88 | references/map_display.md:61
Medium | External URL | https://lbs.amap.com/ | references/map_display.md:104
Medium | External URL | http://bsy.sz.bendibao.com/bsyDetail/640838.html | references/school_enrollment_policies.md:192
Medium | External URL | https://www.szgm.gov.cn/132100/135232/xwsq/542772/content/post_12211175.html | references/school_enrollment_policies.md:193
Medium | External URL | https://city.shenchuang.com/city/20250221/1680964.shtml | references/school_enrollment_policies.md:194
Medium | External URL | https://sz.bendibao.com/edu/2017329/790954.shtm | references/school_enrollment_policies.md:195
Medium | External URL | https://weixin.sogou.com/ | scripts/search_wechat.py:65
Medium | External URL | https://v.sogou.com/v?ie=utf8&query=&p=40030600 | scripts/search_wechat.py:138
Medium | External URL | https://weixin.sogou.com | scripts/search_wechat.py:213
Medium | External URL | https://weixin.sogou.com/weixin?query= | scripts/search_wechat.py:656

File Tree

11 files · 121.3 KB · 2597 lines
Python: 4 files, 1370 lines | Markdown: 5 files, 1212 lines | HTML: 1 file, 13 lines | CSS: 1 file, 2 lines

├─ assets/
│  └─ dist/
│     ├─ assets/
│     │  └─ index-D6Fv9-73.css (CSS, 2L · 24.1 KB)
│     └─ index.html (HTML, 13L · 401 B)
├─ references/
│  ├─ data_templates.md (Markdown, 218L · 4.9 KB)
│  ├─ dimensions.md (Markdown, 294L · 12.5 KB)
│  ├─ map_display.md (Markdown, 211L · 7.7 KB)
│  └─ school_enrollment_policies.md (Markdown, 197L · 8.1 KB)
├─ scripts/
│  ├─ score_calculator.py (Python, 291L · 10.6 KB)
│  ├─ search_wechat.py (Python, 823L · 29.3 KB)
│  ├─ server.py (Python, 214L · 6.6 KB)
│  └─ utils.py (Python, 42L · 1.4 KB)
└─ SKILL.md (Markdown, 292L · 15.8 KB)

Dependencies (4 items)

Package | Version | Source | Known Vulns | Notes
fastapi | * | pip | No | Used for web API server
uvicorn | * | pip | No | ASGI server
pydantic | * | pip | No | Data validation for API models
playwright | * | pip (optional) | No | Optional; only needed for --fetch-content; version pinning recommended

Security Positives

✓ All file operations are confined to a structured .skills-data/zhongjie/ data directory outside the skill source tree
✓ SKILL.md thoroughly documents all search tools, data flows, and runtime directory structure
✓ No credential theft, exfiltration, or reverse shell behavior detected
✓ No base64 encoding, eval(), or obfuscated code execution found
✓ No access to ~/.ssh, ~/.aws, .env secrets, or other sensitive paths
✓ No supply chain threats — uses only standard library plus well-known packages (fastapi, uvicorn, playwright)
✓ CORS middleware on FastAPI is localhost-only (127.0.0.1) by default
✓ No suspicious system hooks, cron jobs, or persistence mechanisms