Trusted — Risk Score 5/100
Last scan: 23 hr ago
nano-gpt
NanoGPT API CLI skill for text, image, and video generation
This is a legitimate NanoGPT API CLI wrapper skill with clear documentation and appropriate, declared capabilities. The pre-scan IOCs are false positives: base64 decoding is standard image handling, and test credentials are test fixtures.
Skill Name: nano-gpt
Duration: 44.2s
Engine: pi
Safe to install
No action required. The skill is safe to use as documented.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | SKILL.md declares local image/video inputs; code reads only user-specified files… |
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md declares --output flag for images/videos; code writes to user-specified… |
| Network | WRITE | WRITE | ✓ Aligned | SKILL.md declares nano-gpt.com API calls; client.ts makes authenticated POST/GET… |
| Environment | READ | READ | ✓ Aligned | SKILL.md declares NANO_GPT_API_KEY and NANO_GPT_* overrides; config.ts reads onl… |
| Shell | NONE | NONE | | Scripts exec node binary only; no subprocess with user input |
| Skill Invoke | NONE | NONE | | No skill invocation found |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser automation |
| Database | NONE | NONE | | No database access |
1 Critical · 1 High · 10 findings

| Severity | Category | Description | Match | Location |
|---|---|---|---|---|
| Critical | Encoded Execution | Base64-encoded execution (code obfuscation) | Buffer.from(image.b64_json, "base64" | cli/src/cli.ts:551 |
| High | API Key | Suspected hard-coded credential | apiKey: "abcdefgh12345678" | cli/test/config.test.ts:40 |
| Medium | External URL | External URL | https://docs.nano-gpt.com/ | README.md:7 |
| Medium | External URL | External URL | https://nano-gpt.com | README.md:45 |
| Medium | External URL | External URL | https://cdn.example/video.mp4 | cli/test/cli.test.ts:41 |
| Medium | External URL | External URL | https://proxy.example/api | cli/test/client.test.ts:33 |
| Medium | External URL | External URL | https://proxy.example/api/v1/models | cli/test/client.test.ts:47 |
| Medium | External URL | External URL | https://file.example | cli/test/config.test.ts:14 |
| Medium | External URL | External URL | https://env.example/ | cli/test/config.test.ts:22 |
| Medium | External URL | External URL | https://env.example | cli/test/config.test.ts:35 |

File Tree

31 files · 74.4 KB · 2756 lines
TypeScript 16f · 2261L Markdown 4f · 294L JSON 4f · 142L Shell 6f · 55L YAML 1f · 4L
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 4L · 377 B
├─ 📁 cli
│ ├─ 📁 src
│ │ ├─ 📜 bin.ts TypeScript 12L · 279 B
│ │ ├─ 📜 cli.ts TypeScript 747L · 20.7 KB
│ │ ├─ 📜 client.ts TypeScript 213L · 5.6 KB
│ │ ├─ 📜 config.ts TypeScript 191L · 5.4 KB
│ │ ├─ 📜 constants.ts TypeScript 5L · 256 B
│ │ ├─ 📜 image-input.ts TypeScript 344L · 8.5 KB
│ │ ├─ 📜 messages.ts TypeScript 55L · 1.1 KB
│ │ ├─ 📜 stream.ts TypeScript 78L · 2.0 KB
│ │ └─ 📜 types.ts TypeScript 130L · 2.4 KB
│ ├─ 📁 test
│ │ ├─ 📜 cli.test.ts TypeScript 49L · 1.2 KB
│ │ ├─ 📜 client.test.ts TypeScript 157L · 4.2 KB
│ │ ├─ 📜 config.test.ts TypeScript 44L · 1.3 KB
│ │ ├─ 📜 image-input.test.ts TypeScript 76L · 2.7 KB
│ │ ├─ 📜 messages.test.ts TypeScript 62L · 2.2 KB
│ │ ├─ 📜 stream.test.ts TypeScript 32L · 864 B
│ │ └─ 📜 video-input.test.ts TypeScript 66L · 2.3 KB
│ ├─ 📋 package.json JSON 27L · 510 B
│ └─ 📋 tsconfig.json JSON 25L · 443 B
├─ 📁 references
│ ├─ 📝 cli.md Markdown 35L · 1021 B
│ └─ 📝 workflows.md Markdown 50L · 1.0 KB
├─ 📁 scripts
│ ├─ 🔧 chat.sh Shell 6L · 152 B
│ ├─ 🔧 image.sh Shell 6L · 153 B
│ ├─ 🔧 models.sh Shell 6L · 154 B
│ ├─ 🔧 prompt.sh Shell 6L · 154 B
│ ├─ 🔧 resolve_nano_gpt_cli.sh Shell 26L · 497 B
│ └─ 🔧 video.sh Shell 5L · 152 B
├─ 📋 package-lock.json JSON 76L · 2.1 KB
├─ 📋 package.json JSON 14L · 249 B
├─ 📝 README.md Markdown 80L · 2.5 KB
└─ 📝 SKILL.md Markdown 129L · 4.0 KB

Dependencies 2 items

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| commander | ^14.0.1 | npm | No | Caret range - no known vulnerabilities |
| typescript | ^5.8.2 | npm | No | Dev dependency, only used at build time |

Security Positives

✓ SKILL.md comprehensively documents all capabilities and guardrails
✓ API key is only transmitted to the declared nano-gpt.com endpoint
✓ File access is limited to user-specified paths via --image/--video/--output flags
✓ Guardrails explicitly warn against uploading sensitive files
✓ No credential harvesting or exfiltration behavior
✓ No arbitrary code execution or shell injection vectors
✓ Config redaction implemented for apiKey display (config.ts redactConfig)
✓ Test credentials are clearly test fixtures with fake values
✓ External URLs in test files use example.com/example.org domains
✓ Scripts use set -euo pipefail for safe shell execution
✓ Buffer.from(b64_json, 'base64') is legitimate image decoding, not obfuscation