Trusted — risk score 5/100
Last scan: 2 days ago
kaogong-study-tracker
朱批录 · 国考 (national civil service exam) study-tracking Skill — tracks exam scores, wrong answers with screenshots, daily check-ins, Excel export, and optional Feishu doc sync
This is a legitimate, well-documented civil service exam (国考) study tracker skill with no malicious behavior. The three base64 Buffer operations are standard image-handling patterns (decoding screenshots for Excel embedding, Feishu upload, and image compression), not code obfuscation.
Skill name: kaogong-study-tracker
Analysis time: 49.9s
Engine: pi
Safe to install
This skill is safe to use. No security concerns identified.
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | READ | WRITE | ✓ Consistent | SKILL.md §五 Step 3/5 — writes daily JSON + wrong_questions.json to ~/.openclaw/s… |
| Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md §五 Step 5 — execFile python3/python for Excel export |
| Network access | READ | READ | ✓ Consistent | SKILL.md §五 Step 6 — Feishu API calls (user-triggered, user-own credentials) |
| Environment variables | NONE | READ | ✓ Consistent | update_daily.js:9 — uses process.env.HOME for DATA_DIR; no credential harvesting |
| Skill invocation | NONE | NONE | | No inter-skill invocation found |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser automation |
| Database | NONE | NONE | | No external database access |
13 findings (3 critical)

| Severity | Category | Finding | Evidence | Location |
|---|---|---|---|---|
| Critical | Encoded execution | Base64 encoded execution (code obfuscation) | Buffer.from(q.raw_image_b64, 'base64' | scripts/export_xlsx.js:203 |
| Critical | Encoded execution | Base64 encoded execution (code obfuscation) | Buffer.from(imageBase64, 'base64' | scripts/feishu_doc.js:52 |
| Critical | Encoded execution | Base64 encoded execution (code obfuscation) | Buffer.from(base64, 'base64' | scripts/parse_input.js:213 |
| Medium | External URL | External URL | https://openclaw.ai | README.md:3 |
| Medium | External URL | External URL | https://img.shields.io/badge/OpenClaw-Skill-orange | README.md:6 |
| Medium | External URL | External URL | https://img.shields.io/badge/License-MIT-blue.svg | README.md:7 |
| Medium | External URL | External URL | https://img.shields.io/badge/node-%3E%3D18-green | README.md:8 |
| Medium | External URL | External URL | https://nodejs.org | README.md:8 |
| Medium | External URL | External URL | https://docs.openclaw.ai/channels/feishu | assets/workspace-example.yaml:10 |
| Medium | External URL | External URL | https://pypi.tuna.tsinghua.edu.cn/simple | package.json:27 |
| Medium | External URL | External URL | https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal | scripts/feishu_doc.js:36 |
| Medium | External URL | External URL | https://open.feishu.cn/open-apis/im/v1/images | scripts/feishu_doc.js:63 |
| Medium | External URL | External URL | https://open.feishu.cn/open-apis/docx/v1/documents/$ | scripts/feishu_doc.js:159 |

Directory structure

16 files · 82.5 KB · 2331 lines
JavaScript 7 files · 1468 lines; Markdown 4 files · 590 lines; Python 1 file · 163 lines; YAML 1 file · 53 lines; JSON 2 files · 50 lines; Ignore 1 file · 7 lines
├─ assets
│ ├─ module_map.json JSON 22L · 1.2 KB
│ └─ workspace-example.yaml YAML 53L · 1.4 KB
├─ references
│ ├─ reply_templates.md Markdown 78L · 2.0 KB
│ └─ tone_guide.md Markdown 54L · 2.0 KB
├─ scripts
│ ├─ daily_summary.js JavaScript 94L · 3.0 KB
│ ├─ export_xlsx.js JavaScript 273L · 11.4 KB
│ ├─ feishu_doc.js JavaScript 248L · 8.5 KB
│ ├─ ocr_image.py Python 163L · 5.6 KB
│ ├─ onboarding.js JavaScript 38L · 1003 B
│ ├─ parse_input.js JavaScript 401L · 16.1 KB
│ ├─ review_reminder.js JavaScript 199L · 7.1 KB
│ └─ update_daily.js JavaScript 215L · 6.3 KB
├─ .gitignore Ignore 7L · 60 B
├─ package.json JSON 28L · 738 B
├─ README.md Markdown 242L · 7.7 KB
└─ SKILL.md Markdown 216L · 8.6 KB

Dependency analysis (5 items)

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| xlsx | ^0.18.5 | npm | | Pinned via caret |
| sharp | * | npm | | Optional; used only if installed; has fallback |
| paddlepaddle | * | pip | | Optional offline OCR; in scripts/ocr_image.py only; has fallback |
| paddleocr | * | pip | | Optional; triggered only when ocr_image.py is run directly |
| openpyxl | * | pip | | Required only for export feature; called via execFile python |

Security highlights

✓ All functionality is clearly documented in SKILL.md with explicit section references
✓ Data stays entirely local in ~/.openclaw/skills/kaogong-study-tracker/data/
✓ Feishu sync is user-triggered only and uses user's own credentials (self-exfiltration scenario)
✓ execFile uses no shell interpolation — arguments are passed as a list, preventing injection
✓ Dynamic Python script embeds data as JSON strings via JSON.stringify, not string concatenation
✓ Automatic backup rotation on wrong_questions.json writes (10 backup limit)
✓ Temporary files (Python script, image files) are cleaned up in a finally block
✓ No hardcoded credentials or secrets
✓ No exfiltration of any kind — no POSTs to unknown IPs
✓ Base64 IOCs are all standard image handling: Excel embedding, Feishu upload, sharp compression
✓ pip mirror in setup script is a standard Chinese PyPI mirror (tsinghua.edu.cn), not a custom C2 server
✓ xlsx version is pinned (^0.18.5); sharp and paddleocr are optional with fallbacks