扫描报告
5 /100
mycelium
Use the mycelium CLI to join coordination rooms, negotiate with other agents via CognitiveEngine, and share persistent memory across sessions.
This skill is a pure documentation file describing usage of an external CLI tool. No code execution, credential harvesting, or hidden behavior detected.
可以安装
No action needed. Skill is safe to use as documented.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | Describes reading ~/.mycelium/rooms/ files for memory operations |
| 网络访问 | READ | READ | ✓ 一致 | Describes HTTP sync to MYCELIUM_API_URL backend |
| 环境变量 | READ | READ | ✓ 一致 | Declares MYCELIUM_API_URL, MYCELIUM_AGENT_HANDLE, MYCELIUM_ROOM |
| 命令执行 | NONE | NONE | — | No shell commands executed by this skill documentation |
| 技能调用 | NONE | NONE | — | Skill only documents CLI usage, no cross-skill invocations |
目录结构
1 文件 · 8.0 KB · 205 行 Markdown 1f · 205L
└─
SKILL.md
Markdown
安全亮点
✓ Documentation-only skill with no executable code
✓ All filesystem access clearly declared (read-only ~/.mycelium/rooms/)
✓ Network access declared (MYCELIUM_API_URL) with security guidance
✓ Explicit warning about third-party Homebrew tap risks
✓ No credential exfiltration - auth handled by backend deployment
✓ No obfuscation, base64, or eval patterns
✓ No sensitive path access (.ssh, .aws, .env)
✓ No supply chain risks (no dependencies or scripts)
✓ Clear documentation of data storage behavior and security implications