中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 10/100
上次扫描:21 小时前 重新扫描
10 /100
memory-assistant
帮记助手:随手记物品位置与定时语音提醒,集成 SenseAudio TTS
A legitimate memory-assistant skill for item tracking and voice reminders that performs no malicious actions; minor documentation inconsistency does not constitute a security risk.
技能名称memory-assistant
分析耗时44.7s
引擎pi
可以安装
No blocking action needed. Consider updating reference.md to remove the un-implemented .env loading guidance to avoid user confusion.

安全发现 2 项

严重性 安全发现 位置
低危
Unimplemented .env loading documented but not coded 文档欺骗
reference.md describes loading API key from .env files using python-dotenv, but neither speak.py nor run_reminders.py calls load_dotenv(). Both scripts only read from os.environ. This creates a documentation gap where users may expect .env support that does not exist.
从 `.env` 加载密钥:在脚本开头 `load_dotenv()`
→ Either remove the .env loading description from reference.md, or implement it in both scripts by adding `from dotenv import load_dotenv; load_dotenv()` at the top.
 reference.md:1
低危
SKILL.md does not declare required permissions/capabilities 文档欺骗
SKILL.md describes the skill behavior fully but never explicitly declares the allowed-tools or permission requirements. However, all inferred capabilities (filesystem WRITE, network READ, shell WRITE, environment READ) are necessary for the documented TTS and reminder features.
SKILL.md does not contain an allowed-tools or permissions section
→ Add an explicit 'Required Permissions' or 'allowed-tools' section to SKILL.md listing filesystem:WRITE, network:READ, shell:WRITE, environment:READ for transparency.
 SKILL.md:1
资源类型声明权限推断权限状态证据
文件系统 NONE WRITE ✓ 一致 Both scripts read/write items.json and reminders.json in .memory-assistant/ — re…
网络访问 NONE READ ✓ 一致 Both scripts POST to https://api.senseaudio.cn/v1/t2a_v2 for TTS synthesis — req…
命令执行 NONE WRITE ✓ 一致 play_audio() uses subprocess to invoke afplay/paplay/aplay/ffplay for audio play…
环境变量 NONE READ ✓ 一致 Both scripts call os.environ.get('SENSEAUDIO_API_KEY') — the skill's own API key…
5 项发现
🔗
中危 外部 URL 外部 URL
https://senseaudio.cn/platform/api-key
SKILL.md:12
🔗
中危 外部 URL 外部 URL
https://api.senseaudio.cn/v1/t2a_v2
SKILL.md:55
🔗
中危 外部 URL 外部 URL
https://senseaudio.cn/docs
SKILL.md:60
🔗
中危 外部 URL 外部 URL
https://senseaudio.cn/docs/text_to_speech_api
SKILL.md:60
🔗
中危 外部 URL 外部 URL
https://senseaudio.cn/docs/voice_api
reference.md:100

目录结构

6 文件 · 25.7 KB · 683 行
Markdown 3f · 342L Python 2f · 334L JSON 1f · 7L
├─ 📁 scripts
│ ├─ 🐍 run_reminders.py Python 181L · 6.0 KB
│ └─ 🐍 speak.py Python 153L · 5.4 KB
├─ 📋 _meta.json JSON 7L · 332 B
├─ 📝 examples.md Markdown 49L · 1.6 KB
├─ 📝 reference.md Markdown 191L · 6.2 KB
└─ 📝 SKILL.md Markdown 102L · 6.1 KB

依赖分析 1 项

包名版本来源已知漏洞备注
requests * pip Version not pinned; widely-used standard library with no known vulnerabilities in its standard usage here

安全亮点

✓ No base64-encoded payloads, eval(), or obfuscated code found
✓ No curl|bash or wget|sh remote script execution
✓ No access to sensitive paths such as ~/.ssh, ~/.aws, or .env credential files
✓ No credential harvesting beyond the skill's own SENSEAUDIO_API_KEY which is used only for the TTS service
✓ No data exfiltration: all network traffic is to the expected SenseAudio TTS endpoint
✓ No persistence mechanisms (cron, services, startup hooks) embedded in the code
✓ No hidden instructions in HTML comments or other stealth channels
✓ No supply chain risks: requests library is widely used and documented; no unpinned custom dependencies
✓ subprocess calls are confined to audio playback with known-safe system utilities (afplay, paplay, aplay, ffplay)