danube 安全扫描报告 — 可信 | ClawSafe

0 /100

danube

Connect your AI agent to 100+ services through a single API key — discover, search, and execute tools via MCP

This is a pure documentation skill describing MCP integration with Danube AI service. No code, scripts, or executable content present. All behavior is clearly declared in the documentation.

技能名称danube

分析耗时20.0s

引擎pi

✓

可以安装

This skill is safe to use. No security concerns identified. The skill provides legitimate MCP server configuration instructions for connecting to an external AI service catalog.

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file operations in skill.md
网络访问	`NONE`	`NONE`	—	No code executes network requests; only documents MCP endpoint
命令执行	`NONE`	`NONE`	—	No shell commands in skill.md
环境变量	`READ`	`NONE`	✓ 一致	DANUBE_API_KEY env var only mentioned for reference
技能调用	`NONE`	`NONE`	—	No skill invocation code
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser automation
数据库	`NONE`	`NONE`	—	No database operations

8 项发现

🔗

中危外部 URL 外部 URL

https://danubeai.com

skill.md:12

🔗

中危外部 URL 外部 URL

https://danubeai.com/dashboard

skill.md:24

🔗

中危外部 URL 外部 URL

https://api.danubeai.com/v1/auth/device/code

skill.md:29

🔗

中危外部 URL 外部 URL

https://api.danubeai.com/v1/auth/device/token

skill.md:41

🔗

中危外部 URL 外部 URL

https://mcp.danubeai.com/mcp

skill.md:58

🔗

中危外部 URL 外部 URL

https://docs.danubeai.com

skill.md:145

🔗

中危外部 URL 外部 URL

https://danubeai.com/privacy

skill.md:147

🔗

中危外部 URL 外部 URL

https://danubeai.com/terms

skill.md:148

目录结构

1 文件 · 5.7 KB · 148 行

Markdown 1f · 148L

└─ 📝 skill.md Markdown 148L · 5.7 KB

安全亮点

✓ Pure documentation skill with no executable code

✓ All functionality clearly declared and documented

✓ No hidden or obfuscated behavior

✓ No credential harvesting beyond legitimate API key

✓ Clear security model documented (user-scoped access, row-level security)

✓ OAuth 2.0 Device Authorization flow requires explicit user consent

✓ No base64, obfuscation, or anti-analysis patterns

✓ No suspicious network indicators (IP addresses, C2 domains)

✓ No file system or sensitive path access

✓ Standard MCP protocol integration with known service