扫描报告
10 /100
swarmrecall-learnings
Error tracking, correction logging, and pattern detection via the SwarmRecall API
A well-documented learning/logging skill that sends data to an external API. All behavior is clearly declared with appropriate privacy safeguards.
可以安装
This skill is safe to use. Ensure users understand their learnings data will be stored on SwarmRecall servers before enabling this skill.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No filesystem access declared or used |
| 网络访问 | READ | READ | ✓ 一致 | HTTPS requests to swarmrecall-api.onrender.com documented in SKILL.md |
| 命令执行 | NONE | NONE | — | No shell execution found |
| 环境变量 | READ | READ | ✓ 一致 | Reads SWARMRECALL_API_KEY, sets it via API response |
| 技能调用 | NONE | NONE | — | No skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser access |
| 数据库 | NONE | NONE | — | No direct database access |
3 项发现
中危 外部 URL 外部 URL
https://www.swarmrecall.ai SKILL.md:14 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com/api/v1/register SKILL.md:29 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com SKILL.md:46 目录结构
1 文件 · 5.3 KB · 133 行 Markdown 1f · 133L
└─
SKILL.md
Markdown
安全亮点
✓ API key stored in environment only, never written to disk
✓ Explicitly warns against writing credentials to disk
✓ Requires user consent before storing personal/sensitive information
✓ All network calls use HTTPS
✓ Tenant isolation by owner ID and agent ID
✓ No shell execution capabilities
✓ No filesystem access required
✓ Comprehensive privacy policy with data handling details
✓ Open-source branding (swarmclawai) with legitimate domain