Scan Report
0 /100
hfmirror-trending-en
Fetches real-time Hugging Face trending data via the public HF-Mirror API and generates structured Markdown reports in English
A benign HuggingFace trending data fetcher that makes a single public API call and writes markdown output using only Python standard library.
Safe to install
No action needed. This skill is safe to use as documented.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | scripts/summarize.py:29 - urllib.request.Request() |
| Filesystem | WRITE | WRITE | ✓ Aligned | scripts/summarize.py:91 - open(md_path, 'w') |
| Shell | NONE | NONE | — | No subprocess calls found |
| Environment | NONE | NONE | — | Only sys.argv access |
1 findings
Medium External URL 外部 URL
https://hf-mirror.com/api/trending SKILL.md:21 File Tree
2 files · 7.5 KB · 178 lines Python 1f · 121L
Markdown 1f · 57L
├─
▾
scripts
│ └─
summarize.py
Python
└─
SKILL.md
Markdown
Security Positives
✓ Uses only Python standard library (json, urllib, os, sys) with zero external dependencies
✓ Accesses only a well-known public API (hf-mirror.com) with a proper User-Agent header
✓ No credential access or sensitive path traversal
✓ No shell execution or subprocess calls
✓ No obfuscation techniques (base64, eval, atob)
✓ Code is straightforward and matches SKILL.md documentation exactly
✓ MIT licensed with clear author attribution