中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:1 day ago Rescan
5 /100
杠精 (gangjing)
A contrarian review and red-team skill for product, architecture, and code decisions — challenges technical assumptions and can run code attack engines
杠精 is a legitimate red-team code review skill containing only Markdown reference documentation and a non-executable harness template; no actual scripts, credentials, network calls, or obfuscation are present.
Skill Name杠精 (gangjing)
Duration34.7s
Enginepi
Safe to install
No action needed. This skill is a pure documentation package — no actual executable code is included. If deploying the canonical full-repo version, ensure scripts/ are reviewed for proper sandboxing as documented.
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned SKILL.md references/ — only Markdown files present, no write operations
Network NONE NONE No network calls in any file
Shell WRITE WRITE ✓ Aligned SKILL.md shell:WRITE declared for running harness.py/js; scripts/ absent in this…
Environment NONE NONE No environment variable access in any file
Skill Invoke NONE NONE No inter-skill invocation
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser access
Database NONE NONE No database access
1 Critical 2 findings
💀
Critical Dangerous Command 危险 Shell 命令
rm -rf /
references/attack-patterns.md:166
📧
Info Email 邮箱地址
[email protected]
references/attack-patterns.md:768

File Tree

10 files · 89.3 KB · 2756 lines
Markdown 10f · 2756L
├─ 📁 references
│ ├─ 📝 attack-dimensions.md Markdown 248L · 7.6 KB
│ ├─ 📝 attack-patterns.md Markdown 778L · 20.7 KB
│ ├─ 📝 intensity-calibration.md Markdown 146L · 4.3 KB
│ └─ 📝 tool-integration.md Markdown 137L · 3.6 KB
├─ 📁 templates
│ ├─ 📝 attack-engine-kit.md Markdown 739L · 24.5 KB
│ └─ 📝 decision-autopsy.md Markdown 89L · 2.1 KB
├─ 📝 PROMO.md Markdown 24L · 635 B
├─ 📝 README.md Markdown 162L · 7.5 KB
├─ 📝 SKILL.md Markdown 392L · 17.2 KB
└─ 📝 USAGE.md Markdown 41L · 1.3 KB

Security Positives

✓ SKILL.md explicitly declares shell:WRITE for harness execution — doc-to-code alignment is clear
✓ Attack engine has documented security boundaries: target_module must be within attack config directory, no ~ or system paths
✓ Harness uses process isolation (multiprocessing spawn/fork) with per-attack timeouts
✓ No credentials, .env files, SSH keys, or sensitive paths accessed anywhere
✓ No network requests, exfiltration, or C2 communication
✓ No base64, eval, or obfuscation patterns found
✓ No curl|bash, wget|sh, or pip install without pinning
✓ IOC 'rm -rf /' is purely a documented command-injection payload example in references/attack-patterns.md, not executable code
✓ Package is intentionally registry-safe: no ready-to-run scripts bundled, only Markdown documentation and a template