zh-novel-writer Security Report — Low Risk | ClawSafe

15 /100

zh-novel-writer

批量生成网络小说章节。通过环境变量读取 API keys 并调用外部 LLM API (ModelScope, Fyra, Ph8) 生成中文小说内容。

Novel generation skill that legitimately calls external LLM APIs using declared environment variables, with no hidden functionality or malicious behavior detected.

Skill Namezh-novel-writer

Duration31.5s

Enginepi

✓

Safe to install

Skill is safe for use. Ensure API keys are from trusted providers before setting environment variables.

Findings 2 items

Severity	Finding	Location
Low	Environment variable access for API keys Sensitive Access Script reads API keys from environment variables (NOVEL_MODELSCOPE_KEY, NOVEL_FYRA_KEY, NOVEL_PH8_KEY) as declared in documentation. `key = os.environ.get(cfg['key_env'], '')` → This is expected and documented behavior. Ensure keys are stored securely and not logged.	`scripts/batch_generate.py:43`
Low	User content sent to third-party LLM APIs Data Exfil Novel outlines and content requests are sent to ModelScope, Fyra.im, and ph8.co external services. This is declared in SKILL.md but worth noting for data sensitivity. `httpx.post(cfg['url'], json={'model': ..., 'messages': [{'role': 'user', 'content': text}]})` → Be aware that user-provided novel outlines and prompts will be sent to external API providers. Do not use with sensitive or proprietary content if not comfortable with this.	`scripts/batch_generate.py:91`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	batch_generate.py:147 - open() for output files
Network	`WRITE`	`WRITE`	✓ Aligned	batch_generate.py:91 - httpx.post() to external APIs
Environment	`READ`	`READ`	✓ Aligned	batch_generate.py:43 - os.environ.get() for API keys
Shell	`NONE`	`NONE`	—	No subprocess or shell execution found
Skill Invoke	`NONE`	`NONE`	—	No skill_invoke usage

3 findings

🔗

Medium External URL 外部 URL

https://api-inference.modelscope.cn/v1/chat/completions

SKILL.md:29

🔗

Medium External URL 外部 URL

https://Fyra.im/v1/chat/completions

SKILL.md:30

🔗

Medium External URL 外部 URL

https://ph8.co/v1/chat/completions

SKILL.md:31

File Tree

4 files · 13.8 KB · 433 lines

Python 1f · 271L Markdown 3f · 162L

├─ ▾ 📁 references

│ ├─ 📝 api-config.md Markdown 27L · 861 B

│ └─ 📝 prompt-template.md Markdown 78L · 2.3 KB

├─ ▾ 📁 scripts

│ └─ 🐍 batch_generate.py Python 271L · 8.9 KB

└─ 📝 SKILL.md Markdown 57L · 1.8 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`httpx`	`not pinned`	pip	No	httpx is declared in SKILL.md but version not pinned in requirements

Security Positives

✓ Clean implementation with no obfuscation or base64 encoding

✓ All environment variable and network access fully declared in SKILL.md

✓ No subprocess, shell execution, or credential harvesting beyond declared API keys

✓ API keys are only used for their intended purpose (LLM API authentication)

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files

✓ Output files are written only to user-specified directories

✓ No persistence mechanisms (no cron jobs, startup scripts, or backdoors)

✓ Code is readable and follows straightforward logic

Scan Report

Findings 2 items

File Tree

Dependencies 1 items

Security Positives