Scan Report
5 /100
drbinary-analysis
Binary analysis skill using Dr. Binary sandbox for reverse engineering and malware analysis
Legitimate binary analysis skill that uploads files to a documented sandbox service with no hidden functionality or malicious behavior.
Safe to install
No action required. The skill performs exactly as documented.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | upload.py:52 - open(file_path, 'rb') |
| Network | WRITE | WRITE | ✓ Aligned | upload.py:56-62 - urllib.request.Request with Bearer token |
| Shell | NONE | NONE | — | No shell execution found |
| Environment | READ | READ | ✓ Aligned | upload.py:27 - os.environ.get('DRBINARY_API_KEY') |
1 findings
Medium External URL 外部 URL
https://mcp.deepbits.com/workspace/upload upload.py:23 File Tree
2 files · 4.0 KB · 150 lines Python 1f · 78L
Markdown 1f · 72L
├─
SKILL.md
Markdown
└─
upload.py
Python
Security Positives
✓ Clear documentation matching actual implementation
✓ API key only used for authentication to sandbox service
✓ No arbitrary code execution or shell commands
✓ Standard multipart form-data upload pattern
✓ No credential harvesting or exfiltration
✓ User-Agent curl/7.88.1 is cosmetic, not suspicious
✓ Environment variable loading from .env is documented and reasonable