Low Risk — Risk Score 10/100
Last scan: 2 days ago
openai-agent-sdk
Build multi-agent AI systems with OpenAI Agents SDK. Create, orchestrate, and manage AI agents with tools, handoffs, guardrails, and tracing.
This skill is a pure documentation package for the OpenAI Agents SDK containing only example code and templates — no malicious behavior, no runtime code, and no exfiltration mechanisms.
Skill Name: openai-agent-sdk
Duration: 37.6s
Engine: pi
Safe to install
Safe to use. The skill declares no filesystem, network, shell, or credential access. Users should be aware that `eval()` in the example calculator tool is intentionally exposed for demonstration purposes only.

Findings 2 items

Severity Finding Location
Low
API key placeholder strings in documentation
SKILL.md contains example API key strings on lines 174 and 279 as documentation placeholders. These are example text (sk-your-api-key-here, your-anthropic-key), not real credentials, and are used to demonstrate how to set environment variables. No credential harvesting occurs.
export OPENAI_API_KEY="sk-your-api-key-here"
→ Consider replacing placeholder values with clearly-marked placeholder text like '<YOUR_API_KEY>' to avoid confusion.
SKILL.md:174
Low
eval() usage in example calculator tool
tools_example.py defines a calculate() function that uses eval() on user-provided math expressions. This is intentionally documented in SKILL.md as a demonstration of the @function_tool decorator. No hidden or unexpected code execution.
result = eval(expression)
→ In production code, use a safe expression evaluator (e.g., ast.literal_eval, which accepts only Python literals, or a math expression parser) instead of eval(). This is noted in documentation as an educational example only.
examples/tools_example.py:30
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | | No file read/write operations in any file |
| Network | NONE | NONE | | No HTTP requests or network calls; external URLs are only in documentation links |
| Shell | NONE | NONE | | No subprocess, os.system, or shell execution calls |
| Environment | NONE | NONE | | No os.environ access or credential enumeration |
| Skill Invoke | NONE | NONE | | No cross-skill invocation code |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser automation |
| Database | NONE | NONE | | No database connections |
2 High 3 findings
High API Key: Suspected hardcoded credential
API_KEY="sk-your-api-key-here"
SKILL.md:174
High API Key: Suspected hardcoded credential
api_key="your-anthropic-key"
SKILL.md:279
Medium External URL
https://openai.github.io/openai-agents-python/
README.md:54

File Tree

7 files · 22.2 KB · 962 lines
Markdown 2f · 664L Python 5f · 298L
├─ 📁 examples
│ ├─ 🐍 basic_agent.py Python 28L · 570 B
│ ├─ 🐍 handoffs_example.py Python 54L · 1.3 KB
│ └─ 🐍 tools_example.py Python 55L · 1.5 KB
├─ 📁 templates
│ ├─ 🐍 agent_template.py Python 59L · 1.4 KB
│ └─ 🐍 multi_agent_template.py Python 102L · 2.6 KB
├─ 📝 README.md Markdown 59L · 1.3 KB
└─ 📝 SKILL.md Markdown 605L · 13.5 KB

Dependencies 1 item

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| openai-agents | >=0.1.0 | pip | No | No pinned upper bound; should pin to a specific version in production |

Security Positives

✓ No filesystem access or file operations of any kind
✓ No network requests, IP connections, or data exfiltration
✓ No shell execution, subprocess, or command injection vectors
✓ No credential harvesting or environment variable enumeration
✓ No hidden functionality — all code is either documented examples or templates
✓ No suspicious encoding patterns (base64, hex, rot13)
✓ No download-and-execute patterns (curl|bash, wget|sh)
✓ No .env files, SSH keys, or sensitive path access
✓ Skill declares no permissions — aligns with actual implementation
✓ All external URLs are legitimate documentation links to openai.github.io and github.com