Low risk: risk score 20/100
Last scan: 2 days ago
FLATSOME MASTER SKILL — AI Web Designer
Converts visual designs to WordPress UXBuilder shortcodes using WP-CLI for WordPress site construction
This is a legitimate WordPress UXBuilder/Flatsome design skill that uses WP-CLI and bash heredocs for WordPress site construction, with no malicious behavior detected, though it has undeclared shell execution and broad filesystem/database permissions.
Skill name: FLATSOME MASTER SKILL — AI Web Designer
Analysis time: 33.9s
Engine: pi
Verdict: can be installed
Approve with monitoring. Declare the shell:WRITE, filesystem:WRITE, and database:WRITE permissions explicitly in the capability model. Consider pinning specific WP-CLI command usage rather than allowing general shell access.

Security findings: 4

Severity | Finding | Location

[Low] No permission declaration (SKILL.md:1)
The SKILL.md does not declare any allowed-tools or capability model permissions. It implicitly requires shell:WRITE (WP-CLI, mkdir, cat), filesystem:WRITE (theme files), and database:WRITE (WordPress posts/options).
Evidence: # FLATSOME MASTER SKILL — AI Web Designer
→ Add a capability declaration section at the top of SKILL.md listing shell, filesystem:WRITE, database:WRITE, and network:READ as required permissions.

[Info] External URLs present (SKILL.md:592)
The skill references YouTube video URLs, a Google Maps embed, and SVG namespace URLs. These are used for legitimate content embedding and are not exfiltration.
Evidence: https://www.youtube.com/watch?v=VIDEO_ID
→ No action needed: these are standard content embedding patterns.

[Info] No sensitive path access detected (SKILL.md)
The skill does not access ~/.ssh, ~/.aws, .env, or other sensitive credential paths. WP operations are confined to WordPress directories.
Evidence: N/A
→ No action needed.

[Info] No obfuscation or hidden code (SKILL.md)
The entire skill is plain markdown documentation with no base64, eval, or obfuscated content. Code examples are clear and readable.
Evidence: N/A
→ No action needed.
Resource type | Declared permission | Inferred permission | Status | Evidence
Command execution | NONE | WRITE | ✗ Exceeds declaration | SKILL.md lines 96-130 (mkdir, cat heredoc, wp theme/plugin/post commands)
Filesystem | NONE | WRITE | ✗ Exceeds declaration | SKILL.md lines 96-106 (creates style.css, functions.php via heredoc)
Database | NONE | WRITE | ✗ Exceeds declaration | SKILL.md lines 170-230 (wp post create, wp option update, wp plugin activate)
Network access | NONE | READ | ✓ Consistent | SKILL.md lines 592-616, 837 (YouTube embeds, Google Maps, media imports from URLs…
Skill invocation | NONE | READ | ✓ Consistent | SKILL.md is purely a reference skill; no self-invocation detected
Extracted indicators: 7 findings

Severity | Type | Value | Location
Medium | External URL | https://www.youtube.com/watch?v=VIDEO_ID | SKILL.md:592
Medium | External URL | https://youtube.com/watch?v=ID1 | SKILL.md:602
Medium | External URL | https://youtube.com/watch?v=ID2 | SKILL.md:609
Medium | External URL | https://youtube.com/watch?v=ID3 | SKILL.md:616
Medium | External URL | https://maps.google.com/maps?q=Ho+Chi+Minh+City&output=embed | SKILL.md:837
Medium | External URL | http://www.w3.org/2000/svg | SKILL.md:1183
Info | Email address | [email protected] | SKILL.md:829

Directory structure

1 file · 50.5 KB · 1498 lines
Markdown: 1 file · 1498 lines
└─ SKILL.md (Markdown, 1498 lines, 50.5 KB)

Security highlights

✓ No malicious code patterns (base64, eval, obfuscation) detected
✓ No credential harvesting or exfiltration behavior
✓ No reverse shell or C2 communication patterns
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No curl|bash or wget|sh remote script execution
✓ All code examples are legitimate WordPress/WP-CLI operations
✓ No hidden instructions in HTML comments
✓ Skill behavior aligns with stated purpose (web design via UXBuilder)