Low risk — risk score 10/100
Last scanned: 2 days ago
jiuma-ai-video-generation
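A free AI video generation and creation platform that supports generating video, images, and audio, as well as video motion imitation and video character replacement. Official site: https://www.jiuma.com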
A legitimate AI video generation platform integration skill that stores auth tokens in the OS keyring and communicates exclusively with api.jiuma.com. No malicious behavior, credential exfiltration, or hidden functionality detected.
Skill name: jiuma-ai-video-generation
Analysis time: 49.3s
Engine: pi
Can be installed
This skill is safe to use. For improved transparency, consider documenting the network:READ capability in SKILL.md to explicitly declare the api.jiuma.com API calls.

Security findings: 4

Severity / Finding / Location
Low
Network access not formally declared in capability mapping
The SKILL.md does not declare a capability model, and the external network requests to api.jiuma.com are not explicitly documented as a capability. Since network access is fundamental to the skill's purpose (calling the jiuma AI platform API), this is a documentation gap rather than a security violation.
No capability model declaration present
→ Add a formal capability declaration section at the top of SKILL.md listing filesystem:READ, filesystem:WRITE, network:READ, and shell:WRITE permissions alongside their justifications.
SKILL.md:1
Low
External URLs in documentation
SKILL.md references https://www.jiuma.com and https://picsum.photos/800/450 as part of the documented workflow. These are expected for a video generation platform skill.
https://www.jiuma.com
→ No action needed; these URLs are integral to the skill's stated purpose.
SKILL.md:3
Info
Credential stored in OS keyring (not plaintext)
Auth tokens are stored using the keyring library in the system keychain rather than hardcoded or stored in plaintext files. This is a positive security practice.
keyring.set_password("jiuma_ai", "authorized_token", token)
→ This is appropriate. No change needed.
scripts/auth.py:23
Info
pip install instructions without version pinning
SKILL.md Installation section uses 'pip install keyring' and 'pip install keyrings.alt' without version constraints. These are well-known packages and this is a minor practice issue.
pip install keyring
→ Pin versions for reproducibility: pip install keyring==X.Y.Z keyrings.alt==X.Y.Z
SKILL.md:123
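| Resource type | Declared permission | Inferred permission | Status | Evidence |
| --- | --- | --- | --- | --- |
| Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md: Bash commands execute Python scripts with arguments |
| File system | READ | READ | ✓ Consistent | SKILL.md: Read tool for file path verification |
| File system | WRITE | WRITE | ✓ Consistent | scripts/upload_file.py:67 — reads local files for upload via os.path.expanduser(… |
| Network access | NONE | READ | ✓ Consistent | All scripts: requests.post/get to https://api.jiuma.com/* (api.jiuma.com, api.ji… |
| Environment variables | NONE | NONE | | No os.environ iteration found; tokens stored via keyring (not env vars) |
| Clipboard | NONE | NONE | | No clipboard access found |
| Skill invocation | NONE | NONE | | No cross-skill invocation found |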
3 findings
Medium, External URL: https://www.jiuma.com (SKILL.md:3)
Medium, External URL: https://picsum.photos/800/450 (SKILL.md:37)
Medium, External URL: https://api.jiuma.com/ (scripts/auth.py:11)

Directory structure

6 files · 20.4 KB · 543 lines
Python: 5 files · 420 lines; Markdown: 1 file · 123 lines
├─ 📁 scripts
│ ├─ 🐍 auth.py Python 126L · 4.8 KB
│ ├─ 🐍 check_auth_status.py Python 42L · 1.1 KB
│ ├─ 🐍 submit_generation_task.py Python 90L · 3.0 KB
│ ├─ 🐍 task_result.py Python 93L · 2.8 KB
│ └─ 🐍 upload_file.py Python 69L · 1.9 KB
└─ 📝 SKILL.md Markdown 123L · 6.8 KB

Dependency analysis: 3 items

| Package | Version | Source | Known vulnerabilities | Notes |
| --- | --- | --- | --- | --- |
| requests | not pinned | implicit import | | Used for all API calls; no version constraint in requirements.txt |
| keyring | not pinned | pip install in SKILL.md | | Stores tokens in OS keychain; version not pinned in installation instructions |
| keyrings.alt | not pinned | pip install in SKILL.md | | Backend for keyring; version not pinned |

Security highlights

✓ Tokens are stored in the OS keyring via keyring library — not in plaintext files or environment variables
✓ No credential exfiltration: tokens are used only for authenticated API calls to the declared platform
✓ No suspicious patterns: no base64+eval chains, no subprocess for shell commands, no obfuscation
✓ No access to sensitive host paths (~/.ssh, ~/.aws, .env, etc.)
✓ All network calls are to a single, consistent domain (api.jiuma.com) using standard HTTPS
✓ No hidden HTML content, embedded scripts, or steganographic payloads
✓ HTTP 401 responses are handled gracefully (token expiry detection)
✓ File operations are scoped to user-provided paths with os.path.expanduser for tilde expansion