中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:2 天前 重新扫描
20 /100
bp-monthly-report-skill
Use when drafting a monthly BP report from a fixed template, BP period and node identifiers, and real BP or progress-report evidence. This skill enforces a staged workflow: normalize the template, map BP anchors, collect evidence, build fine-grained cards, then draft the report in a fixed section order.
This is a legitimate BP monthly report generation skill with undeclared script execution capabilities. The scripts perform business-critical API calls to an internal company BP system and generate structured report artifacts. No malicious behavior detected, but the gap between documented and actual capabilities warrants concern.
技能名称bp-monthly-report-skill
分析耗时53.5s
引擎pi
可以安装
Declare all script capabilities (network:READ via internal API calls, filesystem:WRITE for artifact generation, shell:WRITE for YAML parsing) explicitly in SKILL.md. Document that Python scripts under scripts/ handle the heavy lifting. Pin the requests library version. Hardcode the internal API base URL as a constant rather than repeating it across scripts.

安全发现 4 项

严重性 安全发现 位置
中危
Doc-to-code capability mismatch
SKILL.md describes the skill as a workflow guide for generating BP monthly reports. However, the actual functionality is implemented in Python scripts under scripts/ that perform network API calls, file writes, and subprocess invocations. SKILL.md does not mention any of these capabilities, allowed-tools, or the existence of the scripts.
SKILL.md describes only the workflow and prompt instructions; no mention of Python scripts, subprocess, or HTTP API calls
→ Add an 'Allowed Tools' or 'Implementation Details' section to SKILL.md declaring: filesystem:WRITE (for artifact generation), network:READ (for internal BP API), shell:WRITE (for YAML parsing via Ruby), skill_invoke (for calling helper scripts)
 SKILL.md:1
中危
Hardcoded internal API base URL repeated across scripts
The internal API base URL 'https://sg-al-cwork-web.mediportal.com.cn/open-api' is hardcoded as a string constant in multiple scripts (collect_bp_month_evidence.py, dump_bp_anchor_map.py, generate_scheme_v2_monthly_reports.py) rather than being centralized. This creates maintenance risk and the URL is visible in code as an IOC.
BASE_URL = "https://sg-al-cwork-web.mediportal.com.cn/open-api"
→ Centralize the API base URL in a shared config module or environment variable. This is a code quality issue rather than a security issue, but it increases the attack surface.
 scripts/collect_bp_month_evidence.py:28:28
低危
Unpinned requests dependency
scripts/collect_bp_month_evidence.py imports requests library without version pinning. No requirements.txt, pyproject.toml, or Pipfile exists in the repository.
import requests
→ Add a requirements.txt or pyproject.toml with pinned versions: requests>=2.31.0
 scripts/collect_bp_month_evidence.py:16:16
低危
Hardcoded absolute paths in render scripts
render_chenshuting_march_scheme_reports.py and render_fuzhongming_january_scheme_v2.py contain hardcoded absolute paths like '/Users/hou/Documents/UGit/BP- writer/report-runs/...'. These are developer-specific and would cause failures in other environments.
run_dir = Path("/Users/hou/Documents/UGit/BP- writer/report-runs/2026年度计划BP_陈舒婷/2026-03")
→ Replace hardcoded paths with CLI arguments or environment-based configuration
 scripts/render_chenshuting_march_scheme_reports.py:209:209
资源类型声明权限推断权限状态证据
网络访问 NONE READ ✗ 越权 scripts/collect_bp_month_evidence.py:31 — requests.post() to internal BP API; sc…
命令执行 NONE WRITE ✗ 越权 scripts/build_dual_report_artifacts.py:94 — subprocess.check_output(['ruby', '-e…
文件系统 NONE WRITE ✗ 越权 scripts/build_dual_report_artifacts.py — write_text(), Path.write_text(), shutil…
环境变量 NONE NONE No os.environ iteration or credential access found
1 项发现
🔗
中危 外部 URL 外部 URL
https://sg-al-cwork-web.mediportal.com.cn/open-api
scripts/collect_bp_month_evidence.py:28

目录结构

19 文件 · 213.8 KB · 5623 行
Markdown 13f · 3015L Python 6f · 2608L
├─ 📁 assets
│ ├─ 📝 P001-T001-MONTH-TPL-01_月报模板_v1.md Markdown 124L · 3.0 KB
│ └─ 📝 人力资源中心_月报填写规范_组织示例_v1.md Markdown 187L · 4.9 KB
├─ 📁 references
│ ├─ 📝 artifact-layout.md Markdown 170L · 3.9 KB
│ ├─ 📝 bp-system.md Markdown 245L · 7.1 KB
│ ├─ 📝 business-description.zh-CN.md Markdown 473L · 14.2 KB
│ ├─ 📝 design-solution.zh-CN.md Markdown 810L · 20.5 KB
│ ├─ 📝 fill-patterns.md Markdown 148L · 9.9 KB
│ ├─ 📝 rolling-baseline.md Markdown 53L · 1.3 KB
│ ├─ 📝 section-order.md Markdown 83L · 2.1 KB
│ ├─ 📝 source-schema.md Markdown 154L · 3.6 KB
│ ├─ 📝 traffic-lights.md Markdown 145L · 5.8 KB
│ └─ 📝 workflow.md Markdown 234L · 7.2 KB
├─ 📁 scripts
│ ├─ 🐍 build_dual_report_artifacts.py Python 532L · 20.8 KB
│ ├─ 🐍 collect_bp_month_evidence.py Python 528L · 20.2 KB
│ ├─ 🐍 dump_bp_anchor_map.py Python 119L · 3.6 KB
│ ├─ 🐍 generate_scheme_v2_monthly_reports.py Python 856L · 37.5 KB
│ ├─ 🐍 render_chenshuting_march_scheme_reports.py Python 213L · 15.3 KB
│ └─ 🐍 render_fuzhongming_january_scheme_v2.py Python 360L · 20.8 KB
└─ 📝 SKILL.md Markdown 189L · 12.0 KB

依赖分析 2 项

包名版本来源已知漏洞备注
requests * pip Version not pinned — imported without version constraint in collect_bp_month_evidence.py
subprocess stdlib python3 stdlib Used in build_dual_report_artifacts.py for YAML parsing via Ruby

安全亮点

✓ No credential harvesting — app_key is passed as a CLI argument, not scraped from environment or files
✓ No data exfiltration — all network traffic stays within the organization's internal BP API domain
✓ No obfuscation techniques — no base64 encoding, eval(), or atob() patterns found
✓ No sensitive path access — scripts do not access ~/.ssh, ~/.aws, .env, or similar credential paths
✓ No external IP connections — all network targets resolve to the same internal company domain
✓ No reverse shell, C2, or remote code execution backdoors
✓ No hidden instructions in HTML comments or documentation
✓ No curl|bash or wget|sh remote script execution patterns
✓ Report rendering scripts only perform text substitution and file writes within controlled directories