中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 15/100
上次扫描:1 天前 重新扫描
15 /100
humanizerai
AI text detection and humanization CLI to bypass GPTZero, Turnitin, and other detectors
A legitimate third-party CLI wrapper for humanizerai.com API with no malicious behavior, though Bash tool wildcard access is broader than strictly necessary.
技能名称humanizerai
分析耗时41.7s
引擎pi
可以安装
Consider restricting Bash to specific subcommands (e.g., Bash(humanizerai:detect|humanize|credits)) to align with least-privilege principle.

安全发现 2 项

严重性 安全发现 位置
低危
Filesystem read not documented 文档欺骗
SKILL.md does not mention the -f flag for file-based operations, though it's implemented and used legitimately in detect and humanize commands.
text = fs.readFileSync(argv.file, 'utf-8');
→ Document the -f flag in SKILL.md usage examples for completeness.
 src/commands/detect.ts:14
低危
Bash wildcard broader than necessary 权限提升
allowed-tools declares Bash(humanizerai:*) which technically allows any subcommand, though only detect/humanize/credits exist in the codebase.
allowed-tools: Bash(humanizerai:*)
→ Consider restricting to specific commands: Bash(humanizerai:detect|humanize|credits) for least-privilege alignment.
 SKILL.md:7
资源类型声明权限推断权限状态证据
网络访问 READ READ ✓ 一致 api.ts:35 - Makes HTTP POST/GET requests to humanizerai.com API
文件系统 NONE READ ✓ 一致 commands/detect.ts:14, commands/humanize.ts:14 - Uses fs.readFileSync with -f fl…
环境变量 READ READ ✓ 一致 config.ts:9 - Reads HUMANIZERAI_API_KEY and HUMANIZERAI_API_URL from process.env
命令执行 WRITE WRITE ✓ 一致 SKILL.md declares Bash(humanizerai:*) which provides shell:WRITE
12 项发现
🔗
中危 外部 URL 外部 URL
https://humanizerai.com/dashboard
README.md:19
🔗
中危 外部 URL 外部 URL
https://humanizerai.com
README.md:72
🔗
中危 外部 URL 外部 URL
https://humanizerai.com/docs/api
README.md:73
🔗
中危 外部 URL 外部 URL
https://agentskill.sh
README.md:74
🔗
中危 外部 URL 外部 URL
https://www.npmjs.com/package/humanizerai
SKILL.md:34
🔗
中危 外部 URL 外部 URL
https://agentskill.sh**
SKILL.md:369
🔗
中危 外部 URL 外部 URL
https://humanizerai.com/api/v1
dist/index.js:34
🔗
中危 外部 URL 外部 URL
https://humanizerai.com\n\nSet
dist/index.js:212
🔗
中危 外部 URL 外部 URL
https://paulmillr.com/funding/
package-lock.json:971
🔗
中危 外部 URL 外部 URL
https://opencollective.com/postcss/
package-lock.json:1318
🔗
中危 外部 URL 外部 URL
https://humanizerai.com\n\n
src/index.ts:79
📧
提示 邮箱 邮箱地址
[email protected]
package.json:35

目录结构

13 文件 · 80.8 KB · 2709 行
JSON 3f · 1756L Markdown 2f · 443L TypeScript 7f · 297L JavaScript 1f · 213L
├─ 📁 dist
│ └─ 📜 index.js JavaScript 213L · 7.0 KB
├─ 📁 src
│ ├─ 📁 commands
│ │ ├─ 📜 credits.ts TypeScript 13L · 323 B
│ │ ├─ 📜 detect.ts TypeScript 34L · 916 B
│ │ └─ 📜 humanize.ts TypeScript 42L · 1.1 KB
│ ├─ 📜 api.ts TypeScript 96L · 2.2 KB
│ ├─ 📜 config.ts TypeScript 17L · 564 B
│ └─ 📜 index.ts TypeScript 83L · 2.6 KB
├─ 📋 package-lock.json JSON 1685L · 53.8 KB
├─ 📋 package.json JSON 56L · 1.2 KB
├─ 📝 README.md Markdown 74L · 1.7 KB
├─ 📝 SKILL.md Markdown 369L · 9.0 KB
├─ 📋 tsconfig.json JSON 15L · 304 B
└─ 📜 tsup.config.ts TypeScript 12L · 214 B

依赖分析 1 项

包名版本来源已知漏洞备注
yargs ^17.7.2 npm Popular CLI parsing library with stable versioning

安全亮点

✓ No credential exfiltration or API key harvesting beyond intended usage
✓ No base64-encoded payloads or obfuscated code
✓ No remote script execution (curl|bash, wget|sh)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No data exfiltration to external IPs beyond the documented API
✓ Clean, straightforward TypeScript implementation with no hidden functionality
✓ Dependencies are well-known packages (yargs) with reasonable version constraints
✓ API key is used only for authenticated requests to the documented humanizerai.com endpoint