扫描报告
0 /100
researchclaw
Autonomous research pipeline skill for Claude Code
Documentation-only skill for an autonomous research pipeline with appropriate declared permissions and no malicious indicators in the SKILL.md file.
可以安装
No action required. The SKILL.md is a legitimate documentation file for a research pipeline tool. If deploying this skill, verify the 'researchclaw' CLI tool is from a trusted source.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | WRITE | WRITE | ✓ 一致 | SKILL.md: Tools Required section declares file read/write for config and artifac… |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md: Declares Bash for CLI execution and experiment modes (sandbox/ssh_remo… |
目录结构
1 文件 · 4.5 KB · 133 行 Markdown 1f · 133L
└─
SKILL.md
Markdown
安全亮点
✓ Documentation-only skill with no executable code present
✓ Permissions (filesystem:WRITE, shell:WRITE) are appropriate for the stated research pipeline purpose
✓ Experiment execution modes (simulated/sandbox/ssh_remote) are clearly documented in experiment modes table
✓ No base64 encoding, eval(), or obfuscated code patterns
✓ No credential harvesting or data exfiltration mentioned
✓ No sensitive path access (~/.ssh, ~/.aws, .env) documented
✓ No curl|bash or wget|sh remote script execution patterns
✓ Configuration-based API key handling (llm.api_key_env) follows security best practices