Low Risk — Risk Score 5/100
Last scan: 1 day ago
aioz-storage
Deploy static websites to AIOZ Storage with built-in templates or custom sites
A legitimate static website deployment skill for AIOZ Storage with no malicious behavior — the pre-scan flagged base64 IOCs are standard cryptographic encoding helpers for Macaroon token processing, not obfuscation.
Skill Name: aioz-storage
Duration: 35.5s
Engine: pi
Verdict: Safe to install
Skill is safe to use. No action required.

Findings (2 items)

Finding 1
  Severity: Low
  Finding: Credential collection — user-provided secrets
  Category: Sensitive Access
  Location: SKILL.md:31
  The skill collects the user's AIOZ Storage email, password, and 12-word seed phrase. These are passed directly to API calls and cryptographic functions. While necessary for the service, the skill should make clear that seed phrases are never sent to external servers beyond the official AIOZ API.
  Evidence: Ask user for AIOZ Storage email and password
  → This is expected behavior for a storage deploy tool. No exfiltration observed — credentials flow only to api.aiozstorage.network.

Finding 2
  Severity: Info
  Finding: False positive pre-scan IOC: base64 encoding
  Category: Doc Mismatch
  Location: grant-cli.ts:217
  Pre-scan flagged Buffer.from(str, 'base64') at lines 217 and 225 as 'critical base64 obfuscation'. These are b64urlDecode and b64Decode — standard base64 decoding helpers used for Macaroon token encoding/decoding. No eval(atob()) pattern, no execution of decoded content.
  Evidence: function b64urlDecode(str: string): Uint8Array { return new Uint8Array(Buffer.from(str, 'base64')); }
  → No action needed. This is legitimate cryptographic code.
Resource    Declared  Inferred  Status     Evidence
Shell       WRITE     WRITE     ✓ Aligned  SKILL.md: npx ts-node, curl commands
Network     READ      READ      ✓ Aligned  SKILL.md: curl to api.aiozstorage.network
Filesystem  WRITE     WRITE     ✓ Aligned  SKILL.md: git clone, cp -r, npm install
Pre-scan flags: 10 findings (2 Critical)

Critical | Encoded Execution (Base64 encoded execution, code obfuscation) | Buffer.from(s, "base64" | grant-cli.ts:217
Critical | Encoded Execution (Base64 encoded execution, code obfuscation) | Buffer.from(str, "base64" | grant-cli.ts:225
Medium | External URL | https://api.aiozstorage.network/api/v1/login | SKILL.md:31
Medium | External URL | https://aiozstorage.network | SKILL.md:34
Medium | External URL | https://aiozstorage.network/ | SKILL.md:35
Medium | External URL | https://aiozstorage.network/docs/tutorials/manage-buckets | SKILL.md:154
Medium | External URL | https://api.aiozstorage.network/api/v1/zkeys | SKILL.md:159
Medium | External URL | https://reg-api.aiozstorage.network/api/v1/access | SKILL.md:256
Medium | External URL | https://s3.aiozstorage.network | SKILL.md:269
Medium | External URL | https://api.aiozstorage.app/api/v1/websites | SKILL.md:291

File Tree

4 files · 46.6 KB · 1249 lines
TypeScript: 1 file, 646 lines · Markdown: 1 file, 343 lines · JSON: 2 files, 260 lines
├─ 📜 grant-cli.ts TypeScript 646L · 22.9 KB
├─ 📋 package-lock.json JSON 245L · 10.2 KB
├─ 📋 package.json JSON 15L · 382 B
└─ 📝 SKILL.md Markdown 343L · 13.2 KB

Dependencies (3 items)

Package         Version  Source  Known Vulns  Notes
argon2-browser  ^1.18.0  npm     No           Appropriate for Argon2 key derivation from passphrase
ts-node         ^10.9.2  npm     No           TypeScript execution runtime
typescript      ^5.3.3   npm     No           Type checker only, not bundled

Security Positives

✓ SKILL.md is comprehensive and fully documents all operations — no hidden functionality
✓ All network requests target documented AIOZ Storage API endpoints
✓ No credential harvesting or exfiltration — credentials used only in intended API flow
✓ No reverse shell, C2, or data theft patterns detected
✓ No eval(), no atob() execution, no base64-to-shell pipelines
✓ grant-cli.ts is a readable, self-contained cryptographic utility (Macaroon/HMAC/AES-GCM)
✓ Dependencies (argon2-browser, ts-node) are standard and appropriate
✓ No cron jobs, startup hooks, or persistence mechanisms
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files