中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:1 天前 重新扫描
5 /100
Okay
Okay goal-management platform integration using Membrane CLI
This is a documentation-only skill describing how to use the legitimate Membrane CLI to interact with the Okay goal-management platform. All shell commands and network access are declared and necessary for the documented functionality.
技能名称Okay
分析耗时25.6s
引擎pi
可以安装
No action needed. The skill is safe to use as documented.
资源类型声明权限推断权限状态证据
文件系统 NONE NONE No filesystem access required or used
网络访问 READ READ ✓ 一致 SKILL.md declares network access for Okay API via Membrane proxy
命令执行 WRITE WRITE ✓ 一致 SKILL.md lines 27-28: npm install -g @membranehq/cli; membrane login, connect, a…
环境变量 NONE NONE No environment variable access; credential handling delegated to Membrane
技能调用 NONE NONE No skill invocation chains
剪贴板 NONE NONE No clipboard access
浏览器 NONE NONE Browser interaction via Membrane CLI for OAuth, documented and declared
数据库 NONE NONE No database access
2 项发现
🔗
中危 外部 URL 外部 URL
https://getmembrane.com
SKILL.md:7
🔗
中危 外部 URL 外部 URL
https://developers.okaythis.com/
SKILL.md:19

目录结构

1 文件 · 4.4 KB · 123 行
Markdown 1f · 123L
└─ 📝 SKILL.md Markdown 123L · 4.4 KB

依赖分析 1 项

包名版本来源已知漏洞备注
@membranehq/cli latest npm Declared dependency for Okay integration; version pinned to 'latest' is acceptable for CLI tools

安全亮点

✓ All shell commands are explicitly declared in SKILL.md
✓ Network access is declared and necessary for the Okay API integration
✓ Credential handling is properly delegated to the Membrane platform (no local secret storage)
✓ No obfuscation, base64 encoding, or suspicious patterns detected
✓ No executable scripts or code files present — pure documentation
✓ Dependency (@membranehq/cli) is a known legitimate tool from Membrane
✓ No sensitive file access (ssh, aws, .env) detected
✓ No data exfiltration, credential theft, or C2 communication patterns
✓ Skill follows documentation best practices with clear usage examples