扫描报告
0 /100
oatda-vision-analysis
Analyze images using vision-capable AI models through OATDA's unified API
A well-documented image analysis API client that reads credentials from a declared file and calls an external vision AI API. All behavior is declared and no security concerns found.
可以安装
This skill is safe to use. No action required.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | SKILL.md:24 reads ~/.oatda/credentials.json for API key |
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md:40-50 makes HTTPS POST to oatda.com |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md metadata declares curl and jq as required binaries |
| 环境变量 | READ | READ | ✓ 一致 | SKILL.md:24 reads OATDA_API_KEY environment variable |
2 项发现
中危 外部 URL 外部 URL
https://oatda.com SKILL.md:4 中危 外部 URL 外部 URL
https://oatda.com/api/v1/llm/image SKILL.md:58 目录结构
1 文件 · 4.6 KB · 141 行 Markdown 1f · 141L
└─
SKILL.md
Markdown
安全亮点
✓ All capabilities declared in SKILL.md metadata and inline documentation
✓ URL validation explicitly rejects HTTP, local files, and internal IPs
✓ API key handling is security-conscious (only shows first 8 chars)
✓ Pure API client with no hidden functionality
✓ Well-structured error handling for HTTP status codes
✓ No base64 execution, eval(), or suspicious shell patterns
✓ No credential exfiltration or data theft patterns
✓ Required binaries (curl, jq) are declared in metadata
✓ API endpoint and body format are clearly documented