Trusted — Risk score 0/100
Last scanned: 1 day ago
content-clipper
Extract, summarize, and clip web content to flomo or local markdown
content-clipper is a legitimate web content extraction and note-clipping tool with no malicious behavior detected; all capabilities are declared and consistent with documented behavior.
Skill name: content-clipper
Analysis time: 38.8s
Engine: pi
Safe to install
Approve for use. The skill is safe and performs only declared web content fetching and posting to the flomo webhook or local markdown files.
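| Resource type | Declared permission | Inferred permission | Status | Evidence |
| --- | --- | --- | --- | --- |
| Network access | READ | READ | ✓ Consistent | scripts/clip.js:42-49 — uses https.get/http.get to fetch URLs |
| Network access | WRITE | WRITE | ✓ Consistent | scripts/clip.js:91-104 — POSTs content to flomo webhook; scripts/clip.js:97 — ex… |
| File system | WRITE | WRITE | ✓ Consistent | scripts/clip.js:107 — fs.writeFileSync for markdown output |
| Command execution | WRITE | WRITE | ✓ Consistent | scripts/clip.js:97 — execSync runs curl.exe for Windows proxy bypass; declared i… |
| Environment variables | READ | READ | ✓ Consistent | scripts/clip.js:14 — reads FLOMO_WEBHOOK env var |
| Skill invocation | NONE | NONE | | No skill_invoke usage found |
| Clipboard | NONE | NONE | | No clipboard access found |
| Browser | NONE | NONE | | No browser automation found |
| Database | NONE | NONE | | No database access found |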
1 finding
Medium severity: External URL
https://flomoapp.com/iwh/MTg4MTA/c6fceb66258d3cc5c527d82f283ba06a/
SKILL.md:26

Directory structure

3 files · 7.3 KB · 191 lines
JavaScript 1f · 148L Markdown 1f · 31L JSON 1f · 12L
├─ 📁 scripts
│ └─ 📜 clip.js JavaScript 148L · 5.4 KB
├─ 📋 package.json JSON 12L · 426 B
└─ 📝 SKILL.md Markdown 31L · 1.5 KB

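Dependency analysis: 1 item

| Package name | Version | Source | Known vulnerabilities | Notes |
| --- | --- | --- | --- | --- |
| none (uses built-in modules only) | N/A | nodejs | | Uses only https, http, fs, child_process — no external npm packages |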

Security highlights

✓ All declared capabilities (network:READ/WRITE, filesystem:WRITE, shell:WRITE) match actual code behavior
✓ SKILL.md documents the Windows curl.exe proxy bypass explicitly in the Notes section
✓ Hardcoded flomo webhook URL points to a legitimate note-taking service (flomoapp.com), not an exfiltration endpoint
✓ Uses only built-in Node.js modules with zero external dependencies — no supply chain risk
✓ No credential harvesting: only reads FLOMO_WEBHOOK (a webhook URL, not a secret token)
✓ No obfuscation, base64 payloads, eval(), or anti-analysis techniques
✓ No persistence mechanisms (no cron, startup hooks, or backdoor installation)
✓ Content is only sent to the user-specified or configured flomo webhook — no secondary exfiltration channels
✓ Graceful fallback from curl to native Node.js https ensures reliability without introducing new attack surface