扫描报告
5 /100
kai-report-creator
Generate single-file HTML reports with charts, KPIs, timelines, and export to images
kai-report-creator is a legitimate HTML report generation and image export tool with no malicious behavior detected.
可以安装
This skill is safe to use. No security concerns identified.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | WRITE | ✓ 一致 | SKILL.md declares --output flag for saving HTML; Write tool usage is explicit an… |
| 网络访问 | NONE | READ | ✓ 一致 | CDN libraries loaded by generated HTML are explicitly documented in SKILL.md and… |
| 命令执行 | NONE | WRITE | ✓ 一致 | scripts/export-image.py uses playwright.sync_api to launch chromium — but this i… |
22 项发现
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/corporate-blue.html README.md:88 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/minimal.html README.md:89 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/dark-tech.html README.md:92 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/dark-board.html README.md:93 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/data-story.html README.md:96 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/newspaper.html README.md:97 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/corporate-blue.html README.zh-CN.md:88 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/minimal.html README.zh-CN.md:89 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/dark-tech.html README.zh-CN.md:92 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/dark-board.html README.zh-CN.md:93 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/data-story.html README.zh-CN.md:96 中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/newspaper.html README.zh-CN.md:97 中危 外部 URL 外部 URL
http://www.w3.org/2000/svg references/rendering-rules.md:252 中危 外部 URL 外部 URL
https://api.saasplatform.example.com/v1 templates/en/corporate-blue.html:596 中危 外部 URL 外部 URL
https://placehold.co/860x400/E3EDFF/1A56DB?text=Product+Architecture+Overview templates/en/corporate-blue.html:687 中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/github-dark.min.css templates/en/dark-tech.html:8 中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js templates/en/dark-tech.html:9 中危 外部 URL 外部 URL
https://placehold.co/860x400/1E293B/818CF8?text=System+Topology+Diagram templates/en/dark-tech.html:739 中危 外部 URL 外部 URL
https://placehold.co/860x400/F3F4F6/9CA3AF?text=Satisfaction+Heatmap templates/en/minimal.html:622 中危 外部 URL 外部 URL
https://api.aiprod.example.com/v1 templates/zh/corporate-blue.html:612 中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/github.min.css templates/zh/minimal.html:8 中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/languages/python.min.js templates/zh/minimal.html:10 目录结构
49 文件 · 815.2 KB · 15061 行 HTML 17f · 11137L
Markdown 16f · 3032L
Python 5f · 572L
CSS 8f · 286L
Shell 1f · 25L
Config 1f · 6L
Text 1f · 3L
├─
▾
docs
│ └─
▾
superpowers
│ ├─
▾
plans
│ │ └─
2026-04-02-content-aware-components.md
Markdown
│ └─
▾
specs
│ └─
2026-04-02-content-aware-components-design.md
Markdown
├─
▾
examples
│ ├─
▾
en
│ │ ├─
business-report.html
HTML
│ │ └─
monthly-progress.html
HTML
│ ├─
▾
zh
│ │ ├─
business-report.html
HTML
│ │ └─
monthly-progress.html
HTML
│ ├─
business-report.report.md
Markdown
│ ├─
research-report.report.md
Markdown
│ └─
tech-doc.report.md
Markdown
├─
▾
references
│ ├─
design-quality.md
Markdown
│ ├─
html-shell-template.md
Markdown
│ ├─
rendering-rules.md
Markdown
│ ├─
theme-css.md
Markdown
│ └─
toc-and-template.md
Markdown
├─
▾
scripts
│ └─
export-image.py
Python
├─
▾
templates
│ ├─
▾
en
│ │ ├─
corporate-blue.html
HTML
│ │ ├─
dark-board.html
HTML
│ │ ├─
dark-tech.html
HTML
│ │ ├─
data-story.html
HTML
│ │ ├─
minimal.html
HTML
│ │ └─
newspaper.html
HTML
│ ├─
▾
themes
│ │ ├─
corporate-blue.css
CSS
│ │ ├─
dark-board.css
CSS
│ │ ├─
dark-tech.css
CSS
│ │ ├─
data-story.css
CSS
│ │ ├─
minimal.css
CSS
│ │ ├─
newspaper.css
CSS
│ │ └─
shared.css
CSS
│ └─
▾
zh
│ ├─
corporate-blue.html
HTML
│ ├─
dark-board.html
HTML
│ ├─
dark-tech.html
HTML
│ ├─
data-story.html
HTML
│ ├─
minimal.html
HTML
│ └─
newspaper.html
HTML
├─
▾
tests
│ ├─
▾
fixtures
│ │ └─
minimal_report.html
HTML
│ ├─
__init__.py
Python
│ ├─
conftest.py
Python
│ ├─
test_export_config.py
Python
│ └─
test_screenshot_behavior.py
Python
├─
▾
themes
│ ├─
▾
_example-warm-editorial
│ │ ├─
reference.md
Markdown
│ │ └─
theme.css
CSS
│ ├─
README.md
Markdown
│ └─
README.zh-CN.md
Markdown
├─
pytest.ini
Config
├─
README.md
Markdown
├─
README.zh-CN.md
Markdown
├─
requirements-test.txt
Text
├─
run_tests.sh
Shell
└─
SKILL.md
Markdown
依赖分析 3 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
playwright | >=1.40 | pip | 否 | Used only in scripts/export-image.py for screenshot export |
pytest-playwright | >=0.4 | pip | 否 | Development dependency for tests only |
pytest | >=7.0 | pip | 否 | Dev/test dependency only |
安全亮点
✓ No credential harvesting or environment variable access
✓ No base64-encoded or obfuscated code detected
✓ No network exfiltration or C2 communication
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No reverse shell, RCE, or arbitrary command execution
✓ All dependencies (playwright, chart.js, echarts) are standard, documented libraries
✓ SKILL.md accurately describes all functionality including --export-image using Playwright
✓ Test suite is comprehensive and well-structured with proper fixtures
✓ Generated HTML scripts only perform local DOM manipulation and download operations
✓ External URLs are all legitimate CDN services (jsdelivr, cdnjs, placehold.co) and are fully documented