Trusted — Risk Score 5/100
Last scan: 1 day ago
kids-points
Children's points voice assistant - supports voice bookkeeping, voice announcements, and audio recognition
Legitimate children's points management system with voice I/O; no malicious behavior, credential harvesting, or exfiltration detected. Hardcoded paths and undeclared network access are minor issues without security impact.
Skill Name: kids-points
Duration: 64.0s
Engine: pi
Safe to install
Safe to use. Consider parameterizing hardcoded workspace paths for portability. Declare network:WRITE in SKILL.md for API calls.

Findings 3 items

Severity | Finding | Category | Location

Low | Hardcoded user-specific workspace paths | Priv Escalation | scripts/handler.js:45
Multiple scripts contain hardcoded paths: /home/wang/.openclaw/agents/kids-study/workspace. The hardcoded path is only a fallback behind process.env.WORKSPACE, but it shows the code was written for a single-user environment. This is a portability/functionality concern, not a security issue; the "Priv Escalation" category tag overstates it, since nothing here grants elevated privileges.
const WORKSPACE = process.env.WORKSPACE || '/home/wang/.openclaw/agents/kids-study/workspace'
→ Keep the environment variable as the primary source; remove the user-specific fallback or make it configurable.

Low | Network access not declared in SKILL.md | Doc Mismatch | SKILL.md:1
SKILL.md declares filesystem and shell capabilities but does not mention network:WRITE for the external SenseAudio API calls (senseaudio.cn). The network calls are a legitimate API integration, documented in the skill description, but the capability map in SKILL.md should be updated to match.
skill_invoke: filesystem:WRITE, shell:WRITE, environment:READ
→ Add network:WRITE to the allowed-tools declaration to reflect the HTTP API calls to senseaudio.cn.

Info | Reads SENSE_API_KEY from openclaw.json | Sensitive Access | scripts/handler.js:248
The skill reads SENSE_API_KEY from ~/.openclaw/openclaw.json to authenticate with the SenseAudio API. This is legitimate API key usage: the key is used in place to call an external service, not harvested or exfiltrated.
const apiKey = config.env?.SENSE_API_KEY
→ No action needed; this is intended and necessary for the voice feature.
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md: file read/write for balance.md, monthly logs
Shell | WRITE | WRITE | ✓ Aligned | scripts/handler.js:33 exec(python3 tts.py/asr.py)
Environment | READ | READ | ✓ Aligned | WORKSPACE, POINTS_DIR env vars read
Network | NONE | WRITE | ✗ Mismatch | External HTTP calls to senseaudio.cn via Python scripts (TTS/ASR); declared NONE but inferred WRITE, see the Doc Mismatch finding above
Skill Invoke | NONE | NONE | ✓ Aligned | No skill_invoke usage
Clipboard | NONE | NONE | ✓ Aligned | No clipboard access
Browser | NONE | NONE | ✓ Aligned | No browser usage
Database | NONE | NONE | ✓ Aligned | No database access
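To make the Declared/Inferred comparison in this table reproducible, the following added example (not code from kids-points or from the scanner) re-derives the status column from the capabilities declared in SKILL.md and the levels the scan inferred. The ordering NONE < READ < WRITE and the labels Undeclared/Overdeclared are assumptions of the example. Run it with node; it flags network as undeclared, which is the Doc Mismatch finding above.

```javascript
// Added example: re-derive the capability alignment table from the scan data.
// Not part of the kids-points skill or the scanner. The rank ordering
// NONE < READ < WRITE and the status labels are assumptions of this example.
const RANK = { NONE: 0, READ: 1, WRITE: 2 };

function rank(level) {
  if (!(level in RANK)) throw new Error(`unknown capability level: ${level}`);
  return RANK[level];
}

// Capabilities as declared in SKILL.md (from the skill_invoke line above).
const DECLARED = { filesystem: 'WRITE', shell: 'WRITE', environment: 'READ' };

// Capabilities the scanner inferred from code (from the table above).
const INFERRED = {
  filesystem: 'WRITE',
  shell: 'WRITE',
  environment: 'READ',
  network: 'WRITE',      // scripts/handler.js:20 -> senseaudio.cn
  skill_invoke: 'NONE',
  clipboard: 'NONE',
  browser: 'NONE',
  database: 'NONE',
};

// Compare one resource. A declaration below the inferred level means the
// code does more than SKILL.md admits; above it means an unused permission.
function alignment(declared, inferred) {
  const d = rank(declared);
  const i = rank(inferred);
  if (d === i) return 'Aligned';
  return d < i ? 'Undeclared' : 'Overdeclared';
}

// Build the full table; a resource missing from either map counts as NONE.
function capabilityTable(declared, inferred) {
  const names = new Set([...Object.keys(declared), ...Object.keys(inferred)]);
  const rows = {};
  for (const name of names) {
    const d = declared[name] ?? 'NONE';
    const i = inferred[name] ?? 'NONE';
    rows[name] = { declared: d, inferred: i, status: alignment(d, i) };
  }
  return rows;
}

// Resources whose inferred use exceeds the declaration; these are the rows
// that should never be reported as "Aligned".
function undeclared(declared, inferred) {
  return Object.entries(capabilityTable(declared, inferred))
    .filter(([, row]) => row.status === 'Undeclared')
    .map(([name]) => name);
}

console.table(capabilityTable(DECLARED, INFERRED));
console.log('undeclared:', undeclared(DECLARED, INFERRED)); // ['network']
```

Adding `network: 'WRITE'` to DECLARED (the fix recommended in the finding) empties the undeclared list, which is the state a reviewer should require before marking the capability map aligned.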
External URLs: 9 findings

Medium | External URL | https://senseaudio.cn | DEPENDENCIES.md:94
Medium | External URL | https://clawhub.com | META_SKILL.md:148
Medium | External URL | https://clawhub.com/skills/kids-points (after publishing) | PUBLISH_CHECKLIST.md:152
Medium | External URL | https://clawhub.com/skills/kids-points/docs (after publishing) | PUBLISH_CHECKLIST.md:153
Medium | External URL | https://clawhub.com/skills/kids-points/issues (after publishing) | PUBLISH_CHECKLIST.md:154
Medium | External URL | https://img.shields.io/badge/version-1.2.0-blue.svg | README.md:5
Medium | External URL | https://img.shields.io/badge/license-MIT-green.svg | README.md:6
Medium | External URL | https://img.shields.io/badge/voice-KidPointVoice-orange.svg | README.md:7
Medium | External URL | https://senseaudio.cn | scripts/handler.js:20

Only the senseaudio.cn reference at scripts/handler.js:20 is in executable code; the other eight appear in Markdown documentation (README badge images and ClawHub listing links), not in code the skill runs.

File Tree

28 files · 164.2 KB · 5974 lines
Markdown: 11 files, 3085 lines · JavaScript: 12 files, 2644 lines · Shell: 3 files, 133 lines · JSON: 2 files, 112 lines
├─ 📁 config
│ └─ 📋 rules.json JSON 88L · 2.2 KB
├─ 📁 scripts
│ ├─ 🔧 auto-daily-report.sh Shell 38L · 1.3 KB
│ ├─ 📜 check-overdraft.js JavaScript 79L · 2.3 KB
│ ├─ 📜 daily-summary.js JavaScript 94L · 2.6 KB
│ ├─ 🔧 daily-summary.sh Shell 13L · 470 B
│ ├─ 📜 generate-daily-report.js JavaScript 509L · 14.8 KB
│ ├─ 📜 handle-image.js JavaScript 69L · 1.8 KB
│ ├─ 📜 handler.js JavaScript 916L · 29.6 KB
│ ├─ 📜 index.js JavaScript 60L · 1.7 KB
│ ├─ 📜 install-dependencies.js JavaScript 206L · 5.5 KB
│ ├─ 📜 parse-input.js JavaScript 206L · 5.7 KB
│ ├─ 🔧 send-daily-report.sh Shell 82L · 2.9 KB
│ ├─ 📜 test-prompts.js JavaScript 47L · 1.4 KB
│ ├─ 📜 test-v1.3.js JavaScript 95L · 3.7 KB
│ └─ 📜 wrapper.js JavaScript 99L · 2.3 KB
├─ 📜 agent-handler.js JavaScript 264L · 9.3 KB
├─ 📝 config.md Markdown 50L · 1.1 KB
├─ 📝 DEPENDENCIES.md Markdown 304L · 6.0 KB
├─ 📝 META_SKILL.md Markdown 302L · 5.9 KB
├─ 📝 OPTIMIZATION_SUMMARY.md Markdown 402L · 10.9 KB
├─ 📋 package.json JSON 24L · 672 B
├─ 📝 PROMPTS_GUIDE.md Markdown 276L · 5.9 KB
├─ 📝 PUBLISH_CHECKLIST.md Markdown 167L · 4.1 KB
├─ 📝 README.md Markdown 252L · 6.1 KB
├─ 📝 RELEASE_CHECKLIST.md Markdown 218L · 4.9 KB
├─ 📝 RULES.md Markdown 332L · 9.1 KB
├─ 📝 SKILL.md Markdown 608L · 18.2 KB
└─ 📝 USAGE.md Markdown 174L · 3.7 KB

Dependencies 2 items

Package | Version | Source | Known Vulns | Notes
requests | unpinned | pip (Python) | No | Python HTTP library for the SenseAudio API; no version constraint in the docs
(none) | N/A | npm | No | package.json declares no npm dependencies

Security Positives

✓ No credential harvesting - only reads SENSE_API_KEY for its own API calls, does not iterate os.environ or scan for secrets
✓ No exfiltration - all data stays in local workspace files (balance.md, monthly/*.md)
✓ No obfuscation - all code is human-readable, no base64/eval/atob patterns
✓ No remote code execution - shell commands only invoke documented TTS/ASR Python scripts with properly escaped arguments
✓ Documentation matches implementation - features described in SKILL.md are accurately reflected in the code
✓ No C2 communication or suspicious network patterns
✓ No prompt injection or hidden instructions in comments
✓ No cron-based persistence or backdoor installation
✓ Subprocess usage is documented and necessary for audio playback
✓ No sensitive file access (no ~/.ssh, ~/.aws, .env scanning)
✓ No dependency vulnerabilities detected in package.json (no external npm packages required)