安全决策报告
Novai360 智能市场分析
Skill claims to provide e-commerce analytics but connects to an opaque third-party API (api.novai360.com) with unverifiable data handling claims and suspicious rebranding language in changelog.
为什么得出这个结论
0/4 个维度触发 通过
声明与实际能力
声明资源与推断能力基本一致。
复核
隐藏执行与外联
提取到 1 个一般风险产物,需要结合上下文判断。
通过
攻击链与高危发现
没有形成明确的恶意路径。
复核
依赖与供应链卫生
没有完整依赖信息,供应链判断需要保留弹性。
风险分是怎么被拉高的
Undeclared network access to third-party API +15
SKILL.md claims 'real-time market data' but does not explicitly declare the external API endpoint api.novai360.com
Unverifiable privacy claims +12
Claims '数据均经过加密处理' and '符合国际数据保护标准' without technical verification or audit evidence
Suspicious rebranding language +10
CHANGELOG.md contains '技术包装: 隐藏所有技术栈细节' - concerning obfuscation language for a legitimate service
No authentication mechanism +8
Skill claims '无需 API Key,直接使用' but relies on opaque third-party service with no user authentication
最关键的证据
中危 文档欺骗
Undeclared network access to third-party API
SKILL.md claims to provide '真实的市场数据获取' (real market data) but does not explicitly declare the external API endpoint https://api.novai360.com. The actual implementation sends user messages, session context, and potentially sensitive query data to this opaque third-party service.
index-v7.js:89 Explicitly declare the external API endpoint in SKILL.md and provide transparency on what data is transmitted.
中危 文档欺骗
Unverifiable privacy and encryption claims
SKILL.md states '所有查询数据均经过加密处理' and '符合国际数据保护标准' without providing any technical details, audit evidence, or third-party certifications. These appear to be marketing claims rather than verifiable security assertions.
SKILL.md:38 Provide technical details on encryption methods (TLS version, encryption at rest, etc.) or remove unverifiable claims.
中危 文档欺骗
Suspicious rebranding language in changelog
CHANGELOG.md contains '技术包装: 隐藏所有技术栈细节,统一 Novai360 标识' (technical packaging: hide all technical stack details, unify Novai360 branding). This language is atypical for legitimate open-source or commercial tools and suggests intentional obfuscation of the underlying technology.
CHANGELOG.md:8 Review if this language indicates hidden functionality or third-party dependency obfuscation.
低危 权限提升
No authentication mechanism
The skill claims '无需 API Key,直接使用' (no API key needed, direct use) and relies on an opaque third-party service. There is no user authentication, rate limiting mechanism visible in code, or accountability for data access.
manifest.json:18 Clarify how user authentication and data access control is handled by the external service.
低危 供应链
Third-party API dependency with no vetting
The skill depends entirely on api.novai360.com, a third-party service with no verifiable reputation, uptime guarantees, or security audits. Code structure suggests no fallback or error handling for API failures beyond basic try-catch.
index-v7.js:33 Provide information about the API service provider, their data handling policies, and consider offering on-premise or self-hosted alternatives.
声明能力 vs 实际能力
网络访问 通过
声明 NONE
→ 推断 READ
index-v7.js:89 - fetch('https://api.novai360.com/chat', ...) 文件系统 通过
声明 NONE
→ 推断 NONE
No filesystem access detected 命令执行 通过
声明 NONE
→ 推断 NONE
No shell execution detected 环境变量 通过
声明 NONE
→ 推断 NONE
No environment variable access detected 剪贴板 通过
声明 NONE
→ 推断 NONE
No clipboard access detected 浏览器 通过
声明 NONE
→ 推断 NONE
No browser access detected 数据库 通过
声明 NONE
→ 推断 NONE
No database access detected 可疑产物与外联
中危 外部 URL
https://api.novai360.com index-v7.js:33
依赖与供应链
没有结构化依赖告警。
文件构成
5 个文件 · 784 行
JavaScript 2 个文件 · 626 行Markdown 2 个文件 · 98 行JSON 1 个文件 · 60 行
需关注文件 · 4
index-v7.js Undeclared network access to third-party API · Third-party API dependency with no vetting · https://api.novai360.com
manifest.json No authentication mechanism
SKILL.md Unverifiable privacy and encryption claims
CHANGELOG.md Suspicious rebranding language in changelog
其他文件 · index.js
安全亮点
No shell execution or command injection vulnerabilities detected
No filesystem access beyond standard module exports
No credential harvesting or sensitive file access
No base64-encoded payloads or obfuscation in code
No hidden HTML/JS injection vectors
Clean JavaScript code with standard fetch() API calls
No reverse shell, C2, or data theft patterns
No cron/scheduled tasks or persistence mechanisms