Low Risk — Risk Score 22/100
Last scan: 18 hr ago
container-runtime-threat-model
Generate container runtime threat models analyzing attack surfaces across container components, images, privileges, network exposure, and security controls. Use when threat modeling containerized applications, Docker/containerd security review, container escape risk assessment, STRIDE analysis for containers, or cloud-native application security.
The skill is a wrapper around an external API call to portal.toolweb.in for container threat modeling, with no local code execution beyond curl — all capabilities are declared, though user infrastructure data is sent to an external service.
Skill Name: container-runtime-threat-model
Duration: 34.5s
Engine: pi
Safe to install
Review portal.toolweb.in reputation before use. The skill sends detailed container configurations (component names, images, volumes, capabilities, privilege flags) to an external endpoint — only use with non-sensitive environments or after auditing the service.

Findings (3 items)

Severity: Medium
Finding: Container configuration data sent to external API
Category: Data Exfil
Location: SKILL.md:1
User-provided container configurations (component names, images, privileged flags, volumes, capabilities, network settings) are transmitted as JSON to portal.toolweb.in/apis/security/crtmg. This exposes detailed infrastructure topology externally.
Evidence: curl -s -X POST "https://portal.toolweb.in/apis/security/crtmg" -H "X-API-Key: $TOOLWEB_API_KEY" -d '{...container configs...}'
→ Only use this skill with non-sensitive, non-production environments, or audit portal.toolweb.in for data handling policies before sending production infrastructure details.

Severity: Low
Finding: No local threat model capability — full dependency on external API
Category: Priv Escalation
Location: SKILL.md:1
The SKILL.md explicitly instructs the agent never to generate threat models from local knowledge: 'ALWAYS call the ToolWeb API endpoint using curl. Do NOT answer from your own knowledge.' If the API is unavailable, compromised, or taken over, the skill therefore provides no value and has no fallback.
Evidence: ALWAYS call the ToolWeb API endpoint using curl. Do NOT answer from your own knowledge.
→ Verify the long-term availability and security of portal.toolweb.in before relying on this skill for production workflows.

Severity: Low
Finding: API key transmitted to external service
Category: Credential Theft
Location: SKILL.md:1
The TOOLWEB_API_KEY is sent to portal.toolweb.in with every request. While this is expected for API authentication, the key and all associated user data traverse an external service.
Evidence: -H "X-API-Key: $TOOLWEB_API_KEY"
→ Use a dedicated API key with minimal permissions/scope for this service. Rotate the key regularly.
Resource     Declared  Inferred  Status      Evidence
Network      READ      READ      ✓ Aligned   SKILL.md: curl POST to portal.toolweb.in with X-API-Key header
Shell        WRITE     WRITE     ✓ Aligned   SKILL.md: Uses curl as bash command — Bash→shell:WRITE
Environment  READ      READ      ✓ Aligned   SKILL.md: Reads TOOLWEB_API_KEY from environment
Filesystem   NONE      NONE                  No filesystem access in skill
7 findings

Severity  Type          URL                                            Location
Medium    External URL  https://portal.toolweb.in/apis/security/crtmg  README.md:32
Medium    External URL  https://toolweb.in                             README.md:46
Medium    External URL  https://portal.toolweb.in                      README.md:47
Medium    External URL  https://youtube.com/@toolweb-009               README.md:48
Medium    External URL  https://hub.toolweb.in                         SKILL.md:252
Medium    External URL  https://toolweb.in/openclaw/                   SKILL.md:253
Medium    External URL  https://rapidapi.com/user/mkrishna477          SKILL.md:254

File Tree

2 files · 12.8 KB · 321 lines
Markdown: 2 files · 321 lines
├─ 📝 README.md Markdown 48L · 1.5 KB
└─ 📝 SKILL.md Markdown 273L · 11.4 KB

Security Positives

✓ No local malicious code — the skill contains only documentation and curl commands
✓ All resource usage (network via curl, environment variable access for API key) is clearly declared in SKILL.md
✓ No obfuscation, base64, eval, or hidden execution paths
✓ No credential harvesting beyond the declared TOOLWEB_API_KEY for API authentication
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No supply chain risk — no package dependencies (requirements.txt, package.json, etc.)