中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 25/100
Last scan:2 days ago Rescan
25 /100
community-os
Simple Telegram Bot management with LLM and knowledge base
A legitimate Telegram bot management skill with minor security flaws (authentication bypass, unpinned dependencies) but no malicious behavior detected.
Skill Namecommunity-os
Duration64.8s
Enginepi
Safe to install
Fix the require_auth() bypass in admin/app.py, pin dependency versions, and add SSRF protection for broadcast API endpoints before production use.

Findings 5 items

Severity Finding Location
High
Authentication Bypass
The require_auth() function in admin/app.py:278 always returns 'admin' without performing any actual authentication check. This bypasses all protected API endpoints.
def require_auth(request: Request) -> str:
    # 跳过登录验证,直接返回默认用户
    return "admin"
→ Implement proper session validation using validate_session() function that already exists in the codebase.
 admin/app.py:278
Medium
Missing LLM Provider Modules
bot_instance.py imports from 'llm.claude_code' and 'llm.apiyi' modules that don't exist in the codebase. These imports would fail at runtime.
from .llm.claude_code import ClaudeCodeLLM
→ Implement the missing LLM provider modules or remove unused imports.
 bot_engine/bot_instance.py:35
Medium
SSRF Risk in Broadcast Feature
The get_broadcast_content() method fetches content from user-configured API endpoints without validation. An attacker with admin access could target internal services.
resp = requests.get(api_endpoint, timeout=10)
→ Add URL validation to prevent requests to private IP ranges (127.0.0.1, 10.0.0.0/8, 192.168.0.0/16, etc.).
 bot_engine/bot_instance.py:223
Low
Unpinned Dependencies
requirements.txt contains packages without version constraints, which could lead to supply chain vulnerabilities.
requests==2.31.0
→ Pin all dependencies to specific versions for reproducible and secure builds.
 requirements.txt:1
Low
Missing Harness Integration
bot_instance.py attempts to import GovernanceEngine from 'harness.core', but this module is not part of the skill package and would fail if harness is not installed.
from harness.core import GovernanceEngine
→ Document harness as a required dependency or implement graceful fallback.
 bot_engine/bot_instance.py:23
ResourceDeclaredInferredStatusEvidence
Filesystem WRITE WRITE ✓ Aligned SKILL.md describes knowledge base upload and config management
Network READ READ ✓ Aligned Telegram API calls in admin/app.py, broadcast API fetch in bot_instance.py
Shell NONE NONE No subprocess, os.system, exec, or eval found
Environment READ READ ✓ Aligned .env loading in admin/app.py:22-30 for API keys
Skill Invoke NONE NONE No skill invocation observed
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database READ READ ✓ Aligned ChromaDB for vector search, JSON files for config storage
5 findings
🔗
Medium External URL 外部 URL
https://api.example.com/news
admin/app.py:142
🔗
Medium External URL 外部 URL
https://feeds.example.com/web3
admin/app.py:164
🔗
Medium External URL 外部 URL
https://api.telegram.org/bot
admin/app.py:463
🔗
Medium External URL 外部 URL
https://your-domain/api/telegram/webhook/
admin/app.py:1169
🔗
Medium External URL 外部 URL
https://api.example.com/v1
admin/lite.html:161

File Tree

11 files · 104.8 KB · 2577 lines
Python 5f · 1818L HTML 1f · 492L JSON 2f · 139L Markdown 2f · 121L Text 1f · 7L
├─ 📁 admin
│ ├─ 🐍 app.py Python 1281L · 58.0 KB
│ └─ 📄 lite.html HTML 492L · 19.7 KB
├─ 📁 bot_engine
│ ├─ 🐍 __init__.py Python 1L · 25 B
│ ├─ 🐍 bot_instance.py Python 311L · 11.5 KB
│ ├─ 🐍 config_parser.py Python 63L · 2.3 KB
│ └─ 🐍 manager.py Python 162L · 6.3 KB
├─ 📁 config
│ └─ 📋 openclaw.json JSON 131L · 3.7 KB
├─ 📋 _meta.json JSON 8L · 262 B
├─ 📝 README.md Markdown 69L · 1.6 KB
├─ 📄 requirements.txt Text 7L · 129 B
└─ 📝 SKILL.md Markdown 52L · 1.3 KB

Dependencies 8 items

PackageVersionSourceKnown VulnsNotes
fastapi 0.109.0 pip No Pinned
uvicorn 0.27.0 pip No Pinned with extras
python-multipart 0.0.6 pip No Pinned
requests 2.31.0 pip No Pinned
pyyaml 6.0.1 pip No Pinned
chromadb 0.4.22 pip No Pinned
jinja2 3.1.3 pip No Pinned
httpx * imported No Used in app.py but not in requirements.txt - imported directly

Security Positives

✓ No shell execution or command injection vectors found
✓ No base64 decode + exec patterns detected
✓ No credential exfiltration to external servers
✓ API keys stored in environment variables, not hardcoded
✓ File upload restricted to allowlisted extensions (.md, .txt, .pdf, .docx, .pptx, .xlsx, .csv, .pages)
✓ No access to sensitive paths like ~/.ssh or ~/.aws
✓ Session tokens use cryptographically secure secrets.token_urlsafe()
✓ No hidden functionality - behavior matches SKILL.md description