Security Decision Report

chattts

Hardcoded non-localhost IP address (172.23.252.114:8020) in both SKILL.md and script creates an undeclared network destination with no clear legitimate reason to avoid environment-based configuration.

Installation decision first
Source: manual upload
Scan time: 2026/4/4

Files: 2
IOCs: 2
Over-privileged items: 0
Findings: 2

Most direct threat evidence
High-risk IP address
172.23.252.114

Why this conclusion was reached

1 of 4 dimensions triggered

Pass
Declared vs. actual capabilities

Declared resources and inferred capabilities are largely consistent.

Block
Hidden execution and outbound connections

Extracted 1 high-risk IOC or outbound-connection signal.

Pass
Attack chain and high-risk findings

No clear malicious path was formed.

Review
Dependencies and supply-chain hygiene

No complete dependency information is available; the supply-chain judgment should remain tentative.

How the risk score was raised

Hardcoded IP address in script +15

Script defaults to http://172.23.252.114:8020 when CHATTTS_API_URL is unset

Non-localhost network destination +10

IP 172.23.252.114 is a private IP suggesting external infrastructure, not a local TTS server

Metadata declares hardcoded IP as requirement +6

SKILL.md metadata specifies env=['http://172.23.252.114:8020'] as the primary environment

Key evidence

Medium risk · Sensitive access

Hardcoded fallback IP address

The script uses a hardcoded IP address (172.23.252.114:8020) as a fallback when CHATTTS_API_URL is not set. This creates a network dependency to an unspecified external endpoint without clear documentation of its trustworthiness.

scripts/tts.mjs:48
Remove the hardcoded IP fallback. Require CHATTTS_API_URL to be explicitly set, or default to localhost (127.0.0.1:8020) for local-only operation.
Medium risk · Documentation deception

Non-localhost network destination declared as requirement

The SKILL.md metadata explicitly declares http://172.23.252.114:8020 as the primaryEnv requirement. For a typical TTS skill, a local server (localhost) would be expected. Using a private IP suggests external infrastructure without justification.

SKILL.md:4
If external TTS servers are legitimate use cases, document why. Otherwise, default to localhost for user privacy and security.

Declared capabilities vs. actual capabilities

Network access: Pass
Declared: READ
Inferred: READ
SKILL.md:4 metadata declares env=['http://172.23.252.114:8020']
Command execution: Pass
Declared: WRITE
Inferred: WRITE
SKILL.md usage shows 'node {baseDir}/scripts/tts.mjs'
File system: Pass
Declared: NONE
Inferred: NONE
No file operations in scripts/tts.mjs
Environment variables: Pass
Declared: READ
Inferred: READ
scripts/tts.mjs:48 reads process.env.CHATTTS_API_URL

Suspicious artifacts and outbound connections

High-risk IP address
172.23.252.114

SKILL.md:4

Medium risk · External URL
http://172.23.252.114:8020

SKILL.md:4

Dependencies and supply chain

No structured dependency alerts.

File composition

2 files · 87 lines
JavaScript: 1 file · 60 lines
Markdown: 1 file · 27 lines
Files requiring attention · 2
scripts/tts.mjs (JavaScript · 60 lines)
Hardcoded fallback IP address
SKILL.md (Markdown · 27 lines)
Non-localhost network destination declared as requirement · 172.23.252.114 · http://172.23.252.114:8020

Security highlights

Skill functionality is straightforward: text-to-speech via HTTP API
No credential harvesting or sensitive file access
No obfuscation techniques (base64, eval) detected
Uses standard Node.js fetch API for HTTP requests
Environment variable CHATTTS_API_URL is supported as primary configuration method