中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 10/100
Last scan:21 hr ago Rescan
10 /100
memory-assistant
帮记助手:随手记物品位置与定时语音提醒,集成 SenseAudio TTS
A legitimate memory-assistant skill for item tracking and voice reminders that performs no malicious actions; minor documentation inconsistency does not constitute a security risk.
Skill Namememory-assistant
Duration44.7s
Enginepi
Safe to install
No blocking action needed. Consider updating reference.md to remove the un-implemented .env loading guidance to avoid user confusion.

Findings 2 items

Severity Finding Location
Low
Unimplemented .env loading documented but not coded Doc Mismatch
reference.md describes loading API key from .env files using python-dotenv, but neither speak.py nor run_reminders.py calls load_dotenv(). Both scripts only read from os.environ. This creates a documentation gap where users may expect .env support that does not exist.
从 `.env` 加载密钥:在脚本开头 `load_dotenv()`
→ Either remove the .env loading description from reference.md, or implement it in both scripts by adding `from dotenv import load_dotenv; load_dotenv()` at the top.
 reference.md:1
Low
SKILL.md does not declare required permissions/capabilities Doc Mismatch
SKILL.md describes the skill behavior fully but never explicitly declares the allowed-tools or permission requirements. However, all inferred capabilities (filesystem WRITE, network READ, shell WRITE, environment READ) are necessary for the documented TTS and reminder features.
SKILL.md does not contain an allowed-tools or permissions section
→ Add an explicit 'Required Permissions' or 'allowed-tools' section to SKILL.md listing filesystem:WRITE, network:READ, shell:WRITE, environment:READ for transparency.
 SKILL.md:1
ResourceDeclaredInferredStatusEvidence
Filesystem NONE WRITE ✓ Aligned Both scripts read/write items.json and reminders.json in .memory-assistant/ — re…
Network NONE READ ✓ Aligned Both scripts POST to https://api.senseaudio.cn/v1/t2a_v2 for TTS synthesis — req…
Shell NONE WRITE ✓ Aligned play_audio() uses subprocess to invoke afplay/paplay/aplay/ffplay for audio play…
Environment NONE READ ✓ Aligned Both scripts call os.environ.get('SENSEAUDIO_API_KEY') — the skill's own API key…
5 findings
🔗
Medium External URL 外部 URL
https://senseaudio.cn/platform/api-key
SKILL.md:12
🔗
Medium External URL 外部 URL
https://api.senseaudio.cn/v1/t2a_v2
SKILL.md:55
🔗
Medium External URL 外部 URL
https://senseaudio.cn/docs
SKILL.md:60
🔗
Medium External URL 外部 URL
https://senseaudio.cn/docs/text_to_speech_api
SKILL.md:60
🔗
Medium External URL 外部 URL
https://senseaudio.cn/docs/voice_api
reference.md:100

File Tree

6 files · 25.7 KB · 683 lines
Markdown 3f · 342L Python 2f · 334L JSON 1f · 7L
├─ 📁 scripts
│ ├─ 🐍 run_reminders.py Python 181L · 6.0 KB
│ └─ 🐍 speak.py Python 153L · 5.4 KB
├─ 📋 _meta.json JSON 7L · 332 B
├─ 📝 examples.md Markdown 49L · 1.6 KB
├─ 📝 reference.md Markdown 191L · 6.2 KB
└─ 📝 SKILL.md Markdown 102L · 6.1 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
requests * pip No Version not pinned; widely-used standard library with no known vulnerabilities in its standard usage here

Security Positives

✓ No base64-encoded payloads, eval(), or obfuscated code found
✓ No curl|bash or wget|sh remote script execution
✓ No access to sensitive paths such as ~/.ssh, ~/.aws, or .env credential files
✓ No credential harvesting beyond the skill's own SENSEAUDIO_API_KEY which is used only for the TTS service
✓ No data exfiltration: all network traffic is to the expected SenseAudio TTS endpoint
✓ No persistence mechanisms (cron, services, startup hooks) embedded in the code
✓ No hidden instructions in HTML comments or other stealth channels
✓ No supply chain risks: requests library is widely used and documented; no unpinned custom dependencies
✓ subprocess calls are confined to audio playback with known-safe system utilities (afplay, paplay, aplay, ffplay)