Skill Trust Decision

skills-collection

multi-agent-pipeline has a documentation/behaviour mismatch (it declares no outbound network requests but actually calls external APIs); the other skills (dellight-cfo-financial-ops) are pure documentation or safe code.

Install decision first
Source: ClawHub · Scanned: Apr 11, 2026
Files 120
Artifacts 23
Violations 1
Findings 3
Most direct threat evidence

Why this conclusion was reached

1/4 dimensions flagged
Block
Declared vs actual capability

1 undeclared or violating capability was inferred.

Review
Hidden execution and egress

23 lower-risk artifacts were extracted and still need context.

Pass
Attack chain and severe findings

There is no explicit malicious chain in the report.

Pass
Dependencies and supply chain hygiene

Dependencies are present but no obvious high-risk issue stands out.

What drove the risk score up

Documentation claims do not match actual behaviour +25

_meta.json declares outbound: false, but the pipeline.py code uses httpx to send requests to api.elevenlabs.io

API key reads +10

Reads ELEVENLABS_API_KEY and MISTRAL_API_KEY from os.environ; the code is legitimate, but it must be confirmed that the keys are not sent anywhere else

base64 usage +0

SKILL.md already declares that base64 is used for the media API; code behaviour is consistent with the documentation

No evidence of malicious behaviour -10

No malicious behaviour such as RCE, credential exfiltration or C2 communication was found

Most important evidence

Medium Doc Mismatch

Network outbound declaration does not match actual behaviour

_meta.json declares "network": {"outbound": false}, but the code actually uses httpx.AsyncClient to send HTTP requests to api.elevenlabs.io and api.mistral.ai

skills/multi-agent-pipeline/_meta.json:9
Change outbound to true or remove this declaration

Low Doc Mismatch

Database operations not declared

The code performs database writes (INSERT INTO stories), but neither SKILL.md nor the metadata declares a database permission

skills/multi-agent-pipeline/scripts/pipeline.py:114
Declare the database:WRITE permission in metadata.json

Info Supply Chain

External module dependencies not defined in the script

pipeline.py imports the database and prompt_cache modules, but these files are not in the scripts/ directory and are therefore external dependencies

skills/multi-agent-pipeline/scripts/pipeline.py:14
Ensure these dependencies are trusted, or document the runtime environment requirements

Declared capability vs actual capability

Network Block
Declared NONE
Inferred WRITE
skills/multi-agent-pipeline/_meta.json vs pipeline.py:42,209

Environment Pass
Declared NONE
Inferred READ
pipeline.py:18-19 reads API keys

Filesystem Pass
Declared READ
Inferred READ
SKILL.md declares that input is read

Database Pass
Declared NONE
Inferred WRITE
pipeline.py:114-116 writes to the database, but this is not declared

Suspicious artifacts and egress

Medium External URL
https://clawhub.com/skills/ai-company-clo

SKILL.md:5

Medium External URL
https://afrexai-cto.github.io/context-packs/

skills/afrexai-cybersecurity/README.md:42

Medium External URL
https://afrexai-cto.github.io/ai-revenue-calculator/

skills/afrexai-cybersecurity/README.md:43

Medium External URL
https://afrexai-cto.github.io/agent-setup/

skills/afrexai-cybersecurity/README.md:44

Medium External URL
https://clawhub.com/skills/afrexai-compliance-engine

skills/afrexai-cybersecurity-engine/README.md:63

Medium External URL
https://clawhub.com/skills/afrexai-risk-management

skills/afrexai-cybersecurity-engine/README.md:64

Medium External URL
https://clawhub.com/skills/afrexai-devops-engine

skills/afrexai-cybersecurity-engine/README.md:65

Medium External URL
https://clawhub.com/skills/afrexai-api-architect

skills/afrexai-cybersecurity-engine/README.md:66

Medium External URL
https://clawhub.com/skills/afrexai-code-reviewer

skills/afrexai-cybersecurity-engine/README.md:67

Medium External URL
https://clawhub.com/publishers/afrexai-cto

skills/afrexai-cybersecurity-engine/README.md:69

Medium External URL
https://api.yourdomain.com;

skills/afrexai-cybersecurity-engine/SKILL.md:228

Medium External URL
https://clawhub.com/skills/afrexai-technical-docs

skills/afrexai-qa-testing-engine/README.md:63

Dependencies and supply chain

Package       Version      Source        Known vuln   Notes
httpx         unspecified  import        No           Used for external API calls
fastapi       unspecified  import        No           Web framework
pydantic      unspecified  import        No           Data validation
mistralai     unspecified  import        No           Mistral API client
database      N/A          local import  No           External dependency, not in the scripts/ directory
prompt_cache  N/A          local import  No           External dependency, not in the scripts/ directory

File composition

120 files · 12961 lines
Markdown 94 files · 12496 lines
Python 2 files · 299 lines
JSON 23 files · 165 lines
Text 1 file · 1 line
Files of concern · 3
skills/afrexai-cybersecurity-engine/SKILL.md Markdown · 946 lines
https://api.yourdomain.com;
skills/multi-agent-pipeline/scripts/pipeline.py Python · 248 lines
Database operations not declared · External module dependencies not defined in the script · https://api.elevenlabs.io/v1/speech-to-text · https://api.elevenlabs.io/v1/text-to-speech/
skills/self-improving/SKILL.md Markdown · 250 lines
https://clawic.com/skills/self-improving
Other files · SKILL.md · SKILL.md · SOUL.md · SKILL.md · role-templates.md · 2026-04-11.md +3

Security positives

burn_tracker.py is a pure mathematical calculation script with no dangerous operations
The base64 usage in pipeline.py is clearly documented (SKILL.md explicitly states it is used for audio/binary data)
API keys are used only to call legitimate third-party services; no exfiltration was found
No high-risk code execution patterns such as subprocess/eval/exec
No credential harvesting or sensitive path traversal behaviour
No reverse shell or C2 communication patterns