Trusted: risk score 5/100
Last scan: 1 day ago
kids-points
Children's points voice assistant with voice bookkeeping, spoken announcements, and audio recognition
Legitimate children's points management system with voice I/O; no malicious behavior, credential harvesting, or exfiltration detected. Hardcoded paths and undeclared network access are minor issues without security impact.
Skill name: kids-points
Analysis time: 64.0s
Engine: pi
Verdict: safe to install
Safe to use. Consider parameterizing hardcoded workspace paths for portability. Declare network:WRITE in SKILL.md for API calls.

Security findings (3)

Severity / finding / location

Low
Hardcoded user-specific workspace paths (category: privilege escalation)
Several scripts fall back to a hardcoded path, /home/wang/.openclaw/agents/kids-study/workspace, when the WORKSPACE environment variable is unset. The environment variable is already consulted first, so the literal path only takes effect on a host where nobody set WORKSPACE; there it points into another user's home directory, where the running user will normally not be able to write. The fallback shows the code was written for a single-user environment. This is a portability/functionality concern, not a security issue.
const WORKSPACE = process.env.WORKSPACE || '/home/wang/.openclaw/agents/kids-study/workspace'
→ Keep the environment variable as the primary source and replace the user-specific fallback with a configurable default (for example one derived from the running user's home directory), or fail loudly when WORKSPACE is unset.
scripts/handler.js:45
Low
Network access not declared in SKILL.md (category: documentation mismatch)
SKILL.md declares filesystem and shell capabilities but does not declare network:WRITE, even though the TTS/ASR Python scripts make HTTP calls to the external SenseAudio API (senseaudio.cn). The calls themselves are a legitimate integration documented in the skill description; the problem is that the capability map in SKILL.md understates what the skill does, so a reviewer reading only the declaration would not expect outbound traffic.
skill_invoke: filesystem:WRITE, shell:WRITE, environment:READ
→ Add network:WRITE to the allowed-tools declaration so it reflects the HTTP calls to senseaudio.cn.
SKILL.md:1
Info
Reads SENSE_API_KEY from openclaw.json (category: sensitive access)
The skill reads SENSE_API_KEY from ~/.openclaw/openclaw.json to authenticate with the SenseAudio API. This is legitimate API key usage: the key is used in place to call the external service and is not harvested or exfiltrated.
const apiKey = config.env?.SENSE_API_KEY
→ No action needed for this version; this is intended and necessary for the voice feature. When updating the skill, re-check that the key still travels only to senseaudio.cn and is not written into logs or the workspace markdown files.
scripts/handler.js:248

Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ consistent | SKILL.md: file read/write for balance.md, monthly logs
Command execution | WRITE | WRITE | ✓ consistent | scripts/handler.js:33 exec(python3 tts.py/asr.py)
Environment variables | READ | READ | ✓ consistent | WORKSPACE, POINTS_DIR env vars read
Network access | NONE | WRITE | ✗ undeclared | External HTTP calls to senseaudio.cn via Python scripts (TTS/ASR); see finding 2
Skill invocation | NONE | NONE | ✓ consistent | No skill_invoke usage
Clipboard | NONE | NONE | ✓ consistent | No clipboard access
Browser | NONE | NONE | ✓ consistent | No browser usage
Database | NONE | NONE | ✓ consistent | No database access
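The check below is an added example, not the scanner's or the project's code. It reproduces in miniature what finding 2 and the permission map above report: parse the capability declaration from SKILL.md, infer capabilities from what the scripts actually call, and flag network:WRITE as used but undeclared. The `allowed-tools:` line format is an assumption modelled on the declaration quoted in finding 2, and both sample files are constructed for this example (only the hardcoded path and the senseaudio.cn host are taken from the report).

```javascript
// Added example, not the scanner's or the project's code. Line-based and
// deliberately simple: a URL in a comment is reported too, which is the
// conservative direction for a reviewer.

// Pattern -> capability. The capability names follow the permission map above.
const INFERENCE_RULES = [
  { cap: 'filesystem:WRITE', re: /\bfs\.(writeFile|writeFileSync|appendFile|appendFileSync|mkdir|mkdirSync)\b/ },
  { cap: 'shell:WRITE',      re: /\b(exec|execSync|execFile|execFileSync|spawn|spawnSync)\s*\(/ },
  { cap: 'environment:READ', re: /\bprocess\.env\b|\bos\.environ\b/ },
  { cap: 'network:WRITE',    re: /\bhttps?:\/\/\S+|\brequests\.(get|post|put)\s*\(|\bfetch\s*\(/ },
];

// Parse "allowed-tools: filesystem:WRITE, shell:WRITE, environment:READ"
// (assumed declaration format).
function parseDeclared(skillMd) {
  const m = skillMd.match(/^allowed-tools:\s*(.+)$/m);
  if (!m) return new Set();
  return new Set(m[1].split(',').map((s) => s.trim()).filter(Boolean));
}

// files: { 'relative/path': 'contents' } -> Map<capability, ['path:line', ...]>
function inferCapabilities(files) {
  const found = new Map();
  for (const [file, src] of Object.entries(files)) {
    src.split('\n').forEach((line, i) => {
      for (const { cap, re } of INFERENCE_RULES) {
        if (re.test(line)) {
          if (!found.has(cap)) found.set(cap, []);
          found.get(cap).push(`${file}:${i + 1}`);
        }
      }
    });
  }
  return found;
}

// One row per capability that is declared, inferred, or both.
function checkCapabilities(skillMd, files) {
  const declared = parseDeclared(skillMd);
  const inferred = inferCapabilities(files);
  const caps = new Set([...declared, ...inferred.keys()]);
  return [...caps].map((cap) => {
    const isDeclared = declared.has(cap);
    const isUsed = inferred.has(cap);
    let status = 'consistent';
    if (isUsed && !isDeclared) status = 'undeclared';            // the finding-2 case
    else if (isDeclared && !isUsed) status = 'declared but unused';
    return { cap, declared: isDeclared, inferred: isUsed, status, evidence: inferred.get(cap) || [] };
  });
}

// Constructed samples: a SKILL.md declaration and two scripts in the shape the
// report describes (handler.js shelling out to a Python TTS helper that talks to
// senseaudio.cn). The endpoint path is not shown in the report, so only the host is used.
const SAMPLE_SKILL_MD = [
  '# kids-points',
  'allowed-tools: filesystem:WRITE, shell:WRITE, environment:READ',
].join('\n');

const SAMPLE_FILES = {
  'scripts/handler.js': [
    "const fs = require('node:fs');",
    "const { exec } = require('node:child_process');",
    "const WORKSPACE = process.env.WORKSPACE || '/home/wang/.openclaw/agents/kids-study/workspace';",
    "fs.writeFileSync(WORKSPACE + '/balance.md', 'points: 10');",
    "exec('python3 tts.py hello');",
  ].join('\n'),
  'scripts/tts.py': [
    'import requests',
    "SENSE_URL = 'https://senseaudio.cn'  # host from the report; endpoint path not shown there",
    "requests.post(SENSE_URL, json={'text': 'hi'})",
  ].join('\n'),
};

for (const row of checkCapabilities(SAMPLE_SKILL_MD, SAMPLE_FILES)) {
  console.log(`${row.cap.padEnd(17)} ${row.status.padEnd(20)} ${row.evidence.join(', ')}`);
}
```

On the samples the network row comes back as undeclared with the two tts.py lines as evidence; once network:WRITE is added to the allowed-tools line, the same check reports it as consistent, which is the state the permission map should show after the recommended fix.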
External URLs (9)

All nine are rated medium by the scanner simply because they are external references. The senseaudio.cn references in DEPENDENCIES.md and scripts/handler.js point at the one host the permission map attributes the skill's outbound traffic to; the clawhub.com and img.shields.io links are documentation links (publishing checklist and README badges).

Medium | https://senseaudio.cn | DEPENDENCIES.md:94
Medium | https://clawhub.com | META_SKILL.md:148
Medium | https://clawhub.com/skills/kids-points (after publishing) | PUBLISH_CHECKLIST.md:152
Medium | https://clawhub.com/skills/kids-points/docs (after publishing) | PUBLISH_CHECKLIST.md:153
Medium | https://clawhub.com/skills/kids-points/issues (after publishing) | PUBLISH_CHECKLIST.md:154
Medium | https://img.shields.io/badge/version-1.2.0-blue.svg | README.md:5
Medium | https://img.shields.io/badge/license-MIT-green.svg | README.md:6
Medium | https://img.shields.io/badge/voice-KidPointVoice-orange.svg | README.md:7
Medium | https://senseaudio.cn\n (string literal, extracted with its trailing \n) | scripts/handler.js:20

Directory structure

28 files · 164.2 KB · 5974 lines
Markdown 11 files · 3085 lines; JavaScript 12 files · 2644 lines; Shell 3 files · 133 lines; JSON 2 files · 112 lines
├─ 📁 config
│ └─ 📋 rules.json JSON 88L · 2.2 KB
├─ 📁 scripts
│ ├─ 🔧 auto-daily-report.sh Shell 38L · 1.3 KB
│ ├─ 📜 check-overdraft.js JavaScript 79L · 2.3 KB
│ ├─ 📜 daily-summary.js JavaScript 94L · 2.6 KB
│ ├─ 🔧 daily-summary.sh Shell 13L · 470 B
│ ├─ 📜 generate-daily-report.js JavaScript 509L · 14.8 KB
│ ├─ 📜 handle-image.js JavaScript 69L · 1.8 KB
│ ├─ 📜 handler.js JavaScript 916L · 29.6 KB
│ ├─ 📜 index.js JavaScript 60L · 1.7 KB
│ ├─ 📜 install-dependencies.js JavaScript 206L · 5.5 KB
│ ├─ 📜 parse-input.js JavaScript 206L · 5.7 KB
│ ├─ 🔧 send-daily-report.sh Shell 82L · 2.9 KB
│ ├─ 📜 test-prompts.js JavaScript 47L · 1.4 KB
│ ├─ 📜 test-v1.3.js JavaScript 95L · 3.7 KB
│ └─ 📜 wrapper.js JavaScript 99L · 2.3 KB
├─ 📜 agent-handler.js JavaScript 264L · 9.3 KB
├─ 📝 config.md Markdown 50L · 1.1 KB
├─ 📝 DEPENDENCIES.md Markdown 304L · 6.0 KB
├─ 📝 META_SKILL.md Markdown 302L · 5.9 KB
├─ 📝 OPTIMIZATION_SUMMARY.md Markdown 402L · 10.9 KB
├─ 📋 package.json JSON 24L · 672 B
├─ 📝 PROMPTS_GUIDE.md Markdown 276L · 5.9 KB
├─ 📝 PUBLISH_CHECKLIST.md Markdown 167L · 4.1 KB
├─ 📝 README.md Markdown 252L · 6.1 KB
├─ 📝 RELEASE_CHECKLIST.md Markdown 218L · 4.9 KB
├─ 📝 RULES.md Markdown 332L · 9.1 KB
├─ 📝 SKILL.md Markdown 608L · 18.2 KB
└─ 📝 USAGE.md Markdown 174L · 3.7 KB

Dependency analysis (2)

Package | Version | Source | Known vulnerabilities | Notes
requests | unpinned | pip (Python) | not checked: no version to check against | Python HTTP library used for the SenseAudio API; the docs state no version constraint, so what gets installed is whatever pip resolves on the day. Pin it (a requirements file with an exact version, ideally with hashes) before treating this row as clean.
none | N/A | npm | none | package.json declares no npm dependencies

Security highlights

✓ No credential harvesting - only reads SENSE_API_KEY for its own API calls, does not iterate os.environ or scan for secrets
✓ No exfiltration - all data stays in local workspace files (balance.md, monthly/*.md)
✓ No obfuscation - all code is human-readable, no base64/eval/atob patterns
✓ No remote code execution - shell commands only invoke documented TTS/ASR Python scripts with properly escaped arguments
✓ Documentation matches implementation - features described in SKILL.md are accurately reflected in the code
✓ No C2 communication or suspicious network patterns
✓ No prompt injection or hidden instructions in comments
✓ No cron-based persistence or backdoor installation
✓ Subprocess usage is documented and necessary for audio playback
✓ No sensitive file access (no ~/.ssh, ~/.aws, .env scanning)
✓ No dependency vulnerabilities detected in package.json (no external npm packages required)