google-recaptcha 安全扫描报告 — 可信 | ClawSafe

0 /100

google-recaptcha

Google reCAPTCHA integration via Membrane CLI for managing reCAPTCHA data and automating workflows

A legitimate, well-documented Google reCAPTCHA integration skill using Membrane CLI with transparent credential handling.

技能名称google-recaptcha

分析耗时21.0s

引擎pi

✓

可以安装

No action required. The skill is safe to use with declared network and shell permissions.

资源类型	声明权限	推断权限	状态	证据
网络访问	`READ`	`READ`	✓ 一致	SKILL.md:6 - 'compatibility: Requires network access'
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md:27-28 - npm install documented
文件系统	`NONE`	`NONE`	—	No file operations in skill
环境变量	`NONE`	`NONE`	—	Credentials handled server-side by Membrane
技能调用	`NONE`	`NONE`	—	No inter-skill calls

2 项发现

🔗

中危外部 URL 外部 URL

https://getmembrane.com

SKILL.md:7

🔗

中危外部 URL 外部 URL

https://developers.google.com/recaptcha

SKILL.md:19

目录结构

1 文件 · 4.4 KB · 121 行

Markdown 1f · 121L

└─ 📝 SKILL.md Markdown 121L · 4.4 KB

✓ All shell commands are documented and necessary (npm install, membrane CLI)

✓ Credentials handled server-side by Membrane with no local secrets

✓ Clear documentation of all external URLs and their purposes

✓ No credential harvesting or data exfiltration patterns detected

✓ No obfuscation, base64 execution, or hidden functionality

✓ Open source references provided (github.com/membranedev/application-skills)

✓ Standard npm package from legitimate vendor (@membranehq/cli)

✓ Security best practice: 'Let Membrane handle credentials — never ask the user for API keys'