中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:18 小时前 重新扫描
20 /100
payment_skill_demo
AI 原生支付解决方案 - 提供安全、可靠的支付功能
A legitimate payment processing skill with standard async HTTP client patterns, proper input validation, and AES-GCM encryption. Minor documentation gaps exist but no malicious behavior detected.
技能名称payment_skill_demo
分析耗时78.5s
引擎pi
可以安装
The skill is safe to use. Consider documenting the virtual environment setup behavior and subprocess usage in diagnose.py for complete transparency.

安全发现 3 项

严重性 安全发现 位置
低危
Undeclared subprocess usage in diagnostic tool 文档欺骗
scripts/diagnose.py uses subprocess.run() to check pip version, but this behavior is not mentioned in SKILL.md
result = subprocess.run([sys.executable, '-m', 'pip', '--version'], capture_output=True, text=True)
→ Document diagnostic tooling that uses subprocess for environment checks
 scripts/diagnose.py:67
提示
Python 3.6 support deprecated 供应链
requirements-py36.txt supports Python 3.6 which reached end-of-life in December 2021
aiohttp==3.6.3
→ Update documentation to recommend Python 3.8+ and deprecate 3.6 support
 scripts/requirements-py36.txt:1
提示
API credentials read from environment 敏感访问
PAYMENT_API_KEY and PAYMENT_API_SECRET are read from environment variables - this is standard practice but worth noting
api_key: os.getenv('PAYMENT_API_KEY')
→ This is legitimate credential handling - ensure the API does not exfiltrate these values
 src/config_loader.py:86
资源类型声明权限推断权限状态证据
文件系统 WRITE WRITE ✓ 一致 Creates logs/ and venv/ directories
网络访问 READ READ ✓ 一致 Makes HTTP requests to payment API
命令执行 NONE WRITE ✓ 一致 scripts/setup.sh: pip install; diagnose.py: subprocess.run()
环境变量 READ READ ✓ 一致 Reads PAYMENT_API_KEY, PAYMENT_API_SECRET
技能调用 NONE NONE No skill invocation found
剪贴板 NONE NONE Not used
浏览器 NONE NONE Not used
数据库 NONE NONE Not used
3 项发现
🔗
中危 外部 URL 外部 URL
https://api.zlclaw.com,不需要设置
config/production.env:9
🔗
中危 外部 URL 外部 URL
https://api.zlclaw.com
config/production.env:20
📧
提示 邮箱 邮箱地址
[email protected]
SKILL.md:220

目录结构

15 文件 · 65.5 KB · 2303 行
Python 8f · 1807L Markdown 1f · 225L Shell 1f · 99L YAML 1f · 75L Text 2f · 47L Env 1f · 36L JSON 1f · 14L
├─ 📁 config
│ └─ 📄 production.env Env 36L · 1.1 KB
├─ 📁 scripts
│ ├─ 🐍 diagnose.py Python 264L · 7.3 KB
│ ├─ 📄 requirements-py36.txt Text 28L · 433 B
│ ├─ 📄 requirements.txt Text 19L · 337 B
│ └─ 🔧 setup.sh Shell 99L · 2.5 KB
├─ 📁 src
│ ├─ 🐍 __init__.py Python 31L · 727 B
│ ├─ 🐍 config_loader.py Python 165L · 5.4 KB
│ ├─ 🐍 payment_api_client.py Python 219L · 6.6 KB
│ ├─ 🐍 payment_skill.py Python 389L · 13.0 KB
│ ├─ 📋 payment_skill.yaml YAML 75L · 1.6 KB
│ ├─ 🐍 security.py Python 191L · 6.0 KB
│ └─ 🐍 utils.py Python 320L · 7.9 KB
├─ 📋 _meta.json JSON 14L · 310 B
├─ 🐍 skill_cli.py Python 228L · 7.3 KB
└─ 📝 SKILL.md Markdown 225L · 4.9 KB

依赖分析 5 项

包名版本来源已知漏洞备注
aiohttp 3.9.5 (py38) / 3.6.3 (py36) pip Version pinned for py38, py36 uses older version
pydantic 2.7.0 (py38) / 1.8.2 (py36) pip Major version differs between py38/py36
cryptography 42.0.5 (py38) / 3.4.8 (py36) pip Version pinned for py38
pycryptodome 3.19.1 (py38) / 3.10.4 (py36) pip Version pinned for py38
pytest 8.2.0 (py38) / 6.2.5 (py36) pip Version pinned for py38

安全亮点

✓ Uses HMAC-SHA256 for request signing (line: payment_api_client.py:109)
✓ AES-GCM encryption for sensitive fields (src/security.py:155-162)
✓ Input validation and sanitization to prevent injection attacks (src/security.py:32-60)
✓ Async HTTP client with proper timeout handling (aiohttp.ClientTimeout)
✓ Transaction IDs generated with UUID for uniqueness (src/utils.py:15)
✓ Dependencies mostly version-pinned in requirements.txt (except py36)
✓ Good error handling with specific error codes
✓ No obfuscated code, base64 payloads, or suspicious encoding patterns
✓ No attempts to access ~/.ssh, ~/.aws, or other sensitive paths
✓ No credential exfiltration or C2 communication patterns