中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:22 hr ago Rescan
5 /100
shotstack
Shotstack integration for video API via Membrane platform
This is a documentation-only Shotstack integration skill with no executable code; all capabilities are clearly declared and it properly delegates credential management to the Membrane platform.
Skill Nameshotstack
Duration35.4s
Enginepi
Safe to install
Approve for use. The skill uses a legitimate third-party platform (Membrane) and explicitly avoids credential harvesting by design.

Findings 1 items

Severity Finding Location
Low
Unpinned npm package installation Supply Chain
The skill instructs users to run 'npm install -g @membranehq/cli' without a version pin. This allows the package to change between runs, potentially introducing unexpected behavior. While @membranehq is a legitimate package, pinning versions is a security best practice.
npm install -g @membranehq/cli
→ Pin to a specific version: npm install -g @membranehq/[email protected]
 SKILL.md:24
ResourceDeclaredInferredStatusEvidence
Network READ READ ✓ Aligned SKILL.md:49-68 — membrane request proxy for Shotstack API calls
Shell WRITE WRITE ✓ Aligned SKILL.md:24 — npm install -g @membranehq/cli; SKILL.md:28-44 — membrane login/co…
Filesystem NONE NONE No file read/write operations in skill — only CLI commands
Environment NONE NONE SKILL.md:71 explicitly instructs not to access environment variables for API key…
Skill Invoke NONE NONE No cross-skill invocation documented
2 findings
🔗
Medium External URL 外部 URL
https://getmembrane.com
SKILL.md:7
🔗
Medium External URL 外部 URL
https://shotstack.io/docs/
SKILL.md:19

File Tree

1 files · 4.4 KB · 128 lines
Markdown 1f · 128L
└─ 📝 SKILL.md Markdown 128L · 4.4 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
@membranehq/cli unpinned npm No No version pin in SKILL.md install command; minor supply chain hygiene issue

Security Positives

✓ Skill is pure documentation with no executable code — no scripts, no binary files
✓ SKILL.md explicitly states 'never ask the user for API keys or tokens' — anti-credential-harvesting by design
✓ Credential management fully delegated to the Membrane platform, keeping secrets server-side
✓ All shell commands (npm, membrane CLI) are clearly documented in SKILL.md with no hidden functionality
✓ No base64 encoding, obfuscation, or anti-analysis patterns detected
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) or environment variable enumeration
✓ No external data exfiltration, C2 communication, or suspicious network patterns
✓ Uses @membranehq/cli@latest in examples but recommends installation once — minor, not exploitable