扫描报告
5 /100
drbinary-analysis
Binary analysis skill using Dr. Binary sandbox for reverse engineering and malware analysis
Legitimate binary analysis skill that uploads files to a documented sandbox service with no hidden functionality or malicious behavior.
可以安装
No action required. The skill performs exactly as documented.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | upload.py:52 - open(file_path, 'rb') |
| 网络访问 | WRITE | WRITE | ✓ 一致 | upload.py:56-62 - urllib.request.Request with Bearer token |
| 命令执行 | NONE | NONE | — | No shell execution found |
| 环境变量 | READ | READ | ✓ 一致 | upload.py:27 - os.environ.get('DRBINARY_API_KEY') |
1 项发现
中危 外部 URL 外部 URL
https://mcp.deepbits.com/workspace/upload upload.py:23 目录结构
2 文件 · 4.0 KB · 150 行 Python 1f · 78L
Markdown 1f · 72L
├─
SKILL.md
Markdown
└─
upload.py
Python
安全亮点
✓ Clear documentation matching actual implementation
✓ API key only used for authentication to sandbox service
✓ No arbitrary code execution or shell commands
✓ Standard multipart form-data upload pattern
✓ No credential harvesting or exfiltration
✓ User-Agent curl/7.88.1 is cosmetic, not suspicious
✓ Environment variable loading from .env is documented and reasonable