扫描报告
0 /100
ovhcloud
OVHcloud integration. Manage data, records, and automate workflows.
The skill is a documentation-only OVHcloud integration that delegates all operations to the legitimate Membrane CLI; no executable code, no credential harvesting, no network egress outside declared APIs.
可以安装
No action needed. The skill is safe to use.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No filesystem access declared or observed |
| 网络访问 | READ | READ | ✓ 一致 | All network calls go through 'membrane request' → Membrane proxy → OVHcloud API;… |
| 命令执行 | NONE | READ | ✓ 一致 | Only npm install -g (documented CLI installation) and membrane CLI invocations; … |
| 环境变量 | NONE | NONE | — | SKILL.md explicitly states 'never ask the user for API keys or tokens'; credenti… |
| 技能调用 | NONE | NONE | — | No cross-skill invocation observed |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | Browser used only for OAuth flow during membrane login; no browser automation |
| 数据库 | NONE | NONE | — | No database access |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://developers.ovh.com/ SKILL.md:19 目录结构
1 文件 · 4.3 KB · 124 行 Markdown 1f · 124L
└─
SKILL.md
Markdown
安全亮点
✓ No executable code files — skill consists solely of documentation in SKILL.md
✓ Credentials managed entirely server-side by Membrane; no local API key exposure
✓ No arbitrary shell execution — only documented npm install and membrane CLI commands
✓ No sensitive path access (~/.ssh, ~/.aws, .env, etc.)
✓ No base64/eval/remote script fetching patterns
✓ No credential harvesting or data exfiltration
✓ All network traffic routed through documented Membrane proxy (OVHcloud API)
✓ Explicit best-practice guidance to prefer built-in actions over raw API calls