扫描报告
0 /100
foreshadowing-tracker
伏笔追踪器 - 识别章节中的伏笔并追踪回收状态。当需要管理伏笔、确保前后呼应时使用,支持新增伏笔识别、待回收伏笔提醒、已回收伏笔标记。
A benign foreshadowing tracker for novel writing with no security concerns.
可以安装
This skill is safe to use. No security action required.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | SKILL.md declares --book-dir and --chapter parameters; code only reads user-spec… |
| 文件系统 | WRITE | WRITE | ✓ 一致 | SKILL.md declares --output and --record parameters; code writes to user-specifie… |
| 网络访问 | NONE | NONE | — | No network operations in code |
| 命令执行 | NONE | NONE | — | No subprocess or shell execution in code |
| 环境变量 | NONE | NONE | — | No os.environ access in code |
| 技能调用 | NONE | NONE | — | No skill invocation in code |
| 剪贴板 | NONE | NONE | — | No clipboard access in code |
| 浏览器 | NONE | NONE | — | No browser automation in code |
| 数据库 | NONE | NONE | — | No database operations in code |
目录结构
3 文件 · 18.3 KB · 590 行 Python 1f · 413L
Markdown 1f · 175L
Text 1f · 2L
├─
▾
scripts
│ ├─
requirements.txt
Text
│ └─
track_foreshadowing.py
Python
└─
SKILL.md
Markdown
依赖分析 2 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
rich | * | pip | 否 | Version not pinned |
PyYAML | * | pip | 否 | Version not pinned |
安全亮点
✓ Well-documented SKILL.md with clear use cases and CLI examples
✓ No shell execution or subprocess calls
✓ No network access or external communications
✓ No credential harvesting or sensitive data access
✓ No obfuscation or encoded payloads
✓ Filesystem access is strictly limited to user-specified paths via CLI arguments
✓ Standard dependencies (rich, PyYAML) with no known vulnerabilities
✓ Clean Python implementation using only argparse, json, re, pathlib, and rich libraries
✓ All declared functionality matches actual code behavior