zh-novel-writer 安全扫描报告 — 低风险 | ClawSafe

15 /100

zh-novel-writer

批量生成网络小说章节。通过环境变量读取 API keys 并调用外部 LLM API (ModelScope, Fyra, Ph8) 生成中文小说内容。

Novel generation skill that legitimately calls external LLM APIs using declared environment variables, with no hidden functionality or malicious behavior detected.

技能名称zh-novel-writer

分析耗时31.5s

引擎pi

✓

可以安装

Skill is safe for use. Ensure API keys are from trusted providers before setting environment variables.

安全发现 2 项

严重性	安全发现	位置
低危	Environment variable access for API keys 敏感访问 Script reads API keys from environment variables (NOVEL_MODELSCOPE_KEY, NOVEL_FYRA_KEY, NOVEL_PH8_KEY) as declared in documentation. `key = os.environ.get(cfg['key_env'], '')` → This is expected and documented behavior. Ensure keys are stored securely and not logged.	`scripts/batch_generate.py:43`
低危	User content sent to third-party LLM APIs 数据外泄 Novel outlines and content requests are sent to ModelScope, Fyra.im, and ph8.co external services. This is declared in SKILL.md but worth noting for data sensitivity. `httpx.post(cfg['url'], json={'model': ..., 'messages': [{'role': 'user', 'content': text}]})` → Be aware that user-provided novel outlines and prompts will be sent to external API providers. Do not use with sensitive or proprietary content if not comfortable with this.	`scripts/batch_generate.py:91`

资源类型	声明权限	推断权限	状态	证据
文件系统	`WRITE`	`WRITE`	✓ 一致	batch_generate.py:147 - open() for output files
网络访问	`WRITE`	`WRITE`	✓ 一致	batch_generate.py:91 - httpx.post() to external APIs
环境变量	`READ`	`READ`	✓ 一致	batch_generate.py:43 - os.environ.get() for API keys
命令执行	`NONE`	`NONE`	—	No subprocess or shell execution found
技能调用	`NONE`	`NONE`	—	No skill_invoke usage

3 项发现

🔗

中危外部 URL 外部 URL

https://api-inference.modelscope.cn/v1/chat/completions

SKILL.md:29

🔗

中危外部 URL 外部 URL

https://Fyra.im/v1/chat/completions

SKILL.md:30

🔗

中危外部 URL 外部 URL

https://ph8.co/v1/chat/completions

SKILL.md:31

目录结构

4 文件 · 13.8 KB · 433 行

Python 1f · 271L Markdown 3f · 162L

├─ ▾ 📁 references

│ ├─ 📝 api-config.md Markdown 27L · 861 B

│ └─ 📝 prompt-template.md Markdown 78L · 2.3 KB

├─ ▾ 📁 scripts

│ └─ 🐍 batch_generate.py Python 271L · 8.9 KB

└─ 📝 SKILL.md Markdown 57L · 1.8 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`httpx`	`not pinned`	pip	否	httpx is declared in SKILL.md but version not pinned in requirements

安全亮点

✓ Clean implementation with no obfuscation or base64 encoding

✓ All environment variable and network access fully declared in SKILL.md

✓ No subprocess, shell execution, or credential harvesting beyond declared API keys

✓ API keys are only used for their intended purpose (LLM API authentication)

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files

✓ Output files are written only to user-specified directories

✓ No persistence mechanisms (no cron jobs, startup scripts, or backdoors)

✓ Code is readable and follows straightforward logic