中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:19 小时前 重新扫描
5 /100
ielts-speaking-coach
IELTS Speaking examiner and tutor skill with audio pronunciation scoring, Part 1/2/3 practice, mock exams, and ZPD learning paths
IELTS Speaking Coach is a clean, documentation-only skill with no executable code. All declared permissions (network for LLM API calls, shell for ffmpeg audio conversion) match actual usage patterns with no hidden functionality.
技能名称ielts-speaking-coach
分析耗时53.9s
引擎pi
可以安装
Approve for deployment. No security concerns identified. The optional backend reference in TESTING.md is localhost-only and documented.
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No file read/write operations — uses bundled reference files only
网络访问 READ READ ✓ 一致 LLM API calls for scoring, feedback, model answers — declared in SKILL.md permis…
命令执行 WRITE WRITE ✓ 一致 ffmpeg audio conversion (16kHz mono WAV) — declared in SKILL.md Audio Analysis s…
环境变量 NONE NONE No environment variable access
技能调用 NONE NONE No sub-skill invocation
剪贴板 NONE NONE No clipboard access
浏览器 NONE NONE No browser usage
数据库 NONE NONE No database access — optional backend is localhost-only
1 项发现
🔗
中危 外部 URL 外部 URL
http://host.docker.internal:8081
TESTING.md:107

目录结构

14 文件 · 97.1 KB · 2355 行
Markdown 11f · 1983L JSON 2f · 251L YAML 1f · 121L
├─ 📝 CHANGELOG.md Markdown 59L · 3.3 KB
├─ 📋 clawhub.json JSON 12L · 1.1 KB
├─ 📝 cue-cards-2025-may-aug.md Markdown 160L · 3.6 KB
├─ 📝 cue-cards.md Markdown 527L · 10.7 KB
├─ 📝 examples.md Markdown 125L · 8.5 KB
├─ 📝 learning-path.md Markdown 277L · 13.2 KB
├─ 📝 pronunciation-guide.md Markdown 173L · 5.3 KB
├─ 📝 PUBLISH.md Markdown 47L · 1.9 KB
├─ 📝 README.md Markdown 134L · 5.7 KB
├─ 📝 scoring-rubric.md Markdown 242L · 8.8 KB
├─ 📝 SKILL.md Markdown 132L · 4.1 KB
├─ 📋 skill.yaml YAML 121L · 6.4 KB
├─ 📝 TESTING.md Markdown 107L · 2.4 KB
└─ 📋 vocab-map.json JSON 239L · 22.1 KB

安全亮点

✓ All 14 files are documentation/data (Markdown/JSON/YAML) — no executable code whatsoever
✓ Permissions (network, shell) are accurately declared and match actual use
✓ No .env files, no hardcoded credentials, no API key access
✓ Audio processing via ffmpeg is documented and necessary for pronunciation scoring
✓ The optional backend URL (host.docker.internal:8081) is localhost-only, not an external C2 endpoint
✓ No obfuscation, no base64 payloads, no eval() calls
✓ No supply chain risk — no external dependencies pinned or unpinned
✓ Reference files (scoring-rubric.md, cue-cards.md, vocab-map.json) are static educational content