中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:2 天前 重新扫描
20 /100
cms-find-skills
CMS Skill discovery tool that browses and searches skills via get-skills API, then downloads and installs ZIP packages to local workspace
This is a legitimate skill discovery and installation tool with well-documented behavior; minor security concerns exist (SSL verification disabled) but no malicious patterns detected.
技能名称cms-find-skills
分析耗时37.7s
引擎pi
可以安装
Consider pinning the requests library version and enabling SSL verification if possible; otherwise safe to use for its stated purpose.

安全发现 3 项

严重性 安全发现 位置
低危
SSL verification disabled on HTTPS requests
Both get_skills.py and install_skill.py use requests with verify=False, disabling SSL certificate validation. This allows man-in-the-middle attacks to intercept API credentials or inject malicious content into downloaded ZIPs.
requests.post(API_URL, headers=headers, verify=False, timeout=60, allow_redirects=True)
→ Set verify=True or point to a custom CA bundle. Only disable if working with internal self-signed certs.
 scripts/skill_registry/get_skills.py:50
低危
requests library version not pinned
requirements.txt is not present; dependency versions are not pinned, which could lead to supply chain issues if a vulnerable version is used.
import requests
→ Add a requirements.txt or pyproject.toml with pinned versions.
 scripts/skill_registry/get_skills.py:1
提示
Redirect following enabled
allow_redirects=True is set on API and download requests. Combined with verify=False, this increases MITM attack surface.
requests.get(url, stream=True, verify=False, timeout=120, allow_redirects=True)
→ Ensure the target domains are trusted; consider validating redirect destinations.
 scripts/skill_registry/install_skill.py:89
资源类型声明权限推断权限状态证据
网络访问 READ READ ✓ 一致 API calls to skills.mediportal.com.cn in get_skills.py and install_skill.py
文件系统 WRITE WRITE ✓ 一致 Downloads ZIP and extracts to local disk in install_skill.py:download_file, extr…
命令执行 WRITE WRITE ✓ 一致 CLI scripts executed via python3; documented in SKILL.md
3 项发现
🔗
中危 外部 URL 外部 URL
https://skills.mediportal.com.cn/api/skill/list
openapi/skill-registry/get-skills.md:1
🔗
中危 外部 URL 外部 URL
https://filegpt-hn.file.mediportal.com.cn/cwork_skill/cms-auth-skills_1.0.zip
openapi/skill-registry/get-skills.md:31
🔗
中危 外部 URL 外部 URL
https://skills.mediportal.com.cn
scripts/skill_registry/get_skills.py:21

目录结构

4 文件 · 19.2 KB · 557 行
Python 2f · 467L Markdown 2f · 90L
├─ 📁 openapi
│ └─ 📁 skill-registry
│ └─ 📝 get-skills.md Markdown 49L · 1.3 KB
├─ 📁 scripts
│ └─ 📁 skill_registry
│ ├─ 🐍 get_skills.py Python 212L · 6.9 KB
│ └─ 🐍 install_skill.py Python 255L · 9.4 KB
└─ 📝 SKILL.md Markdown 41L · 1.6 KB

依赖分析 1 项

包名版本来源已知漏洞备注
requests * pip Version not pinned; no requirements.txt present

安全亮点

✓ No credential harvesting: Scripts do not access ~/.ssh, ~/.aws, .env, or similar sensitive paths
✓ Path traversal protection: ZIP extraction has thorough validation via _normalize_zip_member and _safe_extract
✓ ZIP content validation: Extracts verify SKILL.md presence before completing installation
✓ Clear documentation: SKILL.md clearly declares all capabilities, network targets, and behavior
✓ No hidden functionality: All behavior matches documentation; no base64 payloads, eval(), or obfuscated code
✓ No remote shell execution: No curl|bash, wget|sh, or subprocess calls to unknown binaries
✓ Skill discovery is read-only: get_skills.py only queries a public API and displays results
✓ Install scope is controlled: Extraction targets are validated to stay within destination directory