中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:18 小时前 重新扫描
5 /100
AI Customer Service Scripts Generator
AI-powered customer service reply script generator for 10+ industries
A straightforward AI customer service script generator with no malicious patterns — all behavior is declared and consistent with documentation.
技能名称AI Customer Service Scripts Generator
分析耗时22.9s
引擎pi
可以安装
No action required. The skill is safe for use. Consider pinning the openclaw dependency version for stability.

安全发现 1 项

严重性 安全发现 位置
低危
Unpinned dependency (openclaw) 供应链
The openclaw package is used without version pinning, which could lead to unexpected behavior if the package is updated.
from openclaw import OpenClaw
→ Pin the openclaw version in a requirements.txt or pyproject.toml, e.g. openclaw>=1.0.0,<2.0.0
 scripts_generator.py:9
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No filesystem access in scripts_generator.py
网络访问 NONE READ ✓ 一致 Uses openclaw SDK for API calls; no raw socket/IP usage
命令执行 NONE NONE No subprocess or shell execution
环境变量 READ READ ✓ 一致 Only reads OPENCLAW_API_KEY, as documented
技能调用 NONE NONE No inter-skill invocation
剪贴板 NONE NONE No clipboard access
浏览器 NONE NONE No browser automation
数据库 NONE NONE No database access
1 项发现
🔗
中危 外部 URL 外部 URL
https://discord.gg/clawd
SKILL.md:54

目录结构

2 文件 · 5.6 KB · 177 行
Python 1f · 118L Markdown 1f · 59L
├─ 🐍 scripts_generator.py Python 118L · 4.3 KB
└─ 📝 SKILL.md Markdown 59L · 1.3 KB

依赖分析 1 项

包名版本来源已知漏洞备注
openclaw unpinned pip (pip install openclaw) Version not specified in any dependency file

安全亮点

✓ No shell or subprocess execution of any kind
✓ No filesystem write operations
✓ No credential harvesting beyond the declared OPENCLAW_API_KEY
✓ No obfuscation (no base64, eval, or dynamic code execution)
✓ No sensitive path access (~/.ssh, ~/.aws, .env, etc.)
✓ No data exfiltration — all network traffic is through the documented openclaw SDK
✓ Code and documentation are consistent — no hidden functionality
✓ No suspicious URLs, IP addresses, or external C2 indicators