Trusted: risk score 0/100
Last scanned: 1 day ago
PantryPilot
Household replenishment planning skill for mainland China that estimates what is running low, maps menus into restock demand, routes items across Meituan/PDD/Taobao, and outputs cheapest/fastest/lowest-friction restock plans
PantryPilot is a legitimate household replenishment planning skill for Chinese e-commerce platforms, with no malicious behavior detected. All functionality is clearly documented, and there is no credential harvesting, no external data exfiltration, and no hidden operations.
Skill name: PantryPilot
Analysis time: 35.5s
Engine: pi
OK to install
This skill is safe for deployment. No security action required.
| Resource type | Declared permission | Inferred permission | Status | Evidence |
| --- | --- | --- | --- | --- |
| Filesystem | NONE | NONE | | SKILL.md defines no filesystem access; scripts/publish.sh only modifies temp dir… |
| Network access | READ | READ | ✓ Consistent | SKILL.md: 'inspect public product pages, grocery pages, activity pages' |
| Command execution | NONE | NONE | | No shell execution in skill behavior; scripts/publish.sh is build-only, not skil… |
| Environment variables | NONE | NONE | | No environment variable access in skill implementation |
| Skill invocation | NONE | NONE | | No cross-skill invocation without user consent documented |
| Clipboard | NONE | NONE | | No clipboard access documented or observed |
| Browser | READ | READ | ✓ Consistent | SKILL.md: 'inspect public product pages, screenshots' with explicit stop before … |
| Database | NONE | NONE | | No database access documented or required |

Directory structure

13 files · 34.1 KB · 1107 lines
Markdown 9f · 989L | Shell 1f · 69L | JSON 2f · 45L | YAML 1f · 4L
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 4L · 397 B
├─ 📁 references
│ ├─ 📝 example-prompts.md Markdown 33L · 1.5 KB
│ ├─ 📝 output-patterns.md Markdown 30L · 659 B
│ ├─ 📝 platform-routing.md Markdown 139L · 4.1 KB
│ ├─ 📝 replenishment-framework.md Markdown 178L · 4.6 KB
│ └─ 📝 test-cases.md Markdown 62L · 1.7 KB
├─ 📁 scripts
│ └─ 🔧 publish.sh Shell 69L · 2.1 KB
├─ 📝 CHANGELOG.md Markdown 8L · 399 B
├─ 📋 clawhub.json JSON 22L · 598 B
├─ 📋 package.json JSON 23L · 506 B
├─ 📝 README.md Markdown 128L · 3.9 KB
├─ 📝 RELEASE.md Markdown 83L · 2.1 KB
└─ 📝 SKILL.md Markdown 328L · 11.6 KB

Security highlights

✓ Clear documentation of all capabilities in SKILL.md
✓ Explicit safety boundaries defined (no login, no payment, no auto-checkout)
✓ No credential harvesting or sensitive data access
✓ No external data exfiltration or C2 communication
✓ No obfuscated code or base64 payloads
✓ No suspicious file paths accessed (~/.ssh, ~/.aws, .env)
✓ Browser access limited to public pages with explicit stop conditions
✓ Standard CI/CD script for publishing only, not skill execution
✓ MIT license with transparent open-source intent