中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:18 小时前 重新扫描
20 /100
fin-advisor
基金投顾助手 — 专业的基金分析、对比、推荐和交易决策支持
Legitimate fund investment advisor tool with minor documentation gaps; the slot-filling script makes undeclared network requests but no malicious behavior is observed.
技能名称fin-advisor
分析耗时59.7s
引擎pi
可以安装
Document the slot-filling HTTP POST behavior in SKILL.md and restrict Bash permissions to explicitly list slot-filling.sh usage if retained.

安全发现 2 项

严重性 安全发现 位置
低危
Undeclared network request in slot-filling script 文档欺骗
scripts/slot-filling.sh makes HTTP POST requests to SLOT_SERVICE_URL with user query data and Bearer token authorization, but this network behavior is not documented in SKILL.md or allowed-tools declaration.
curl -s -X POST "${SLOT_SERVICE_URL}" -H "Content-Type: application/json; charset=utf-8" -H "authorization: Bearer ${SLOT_SERVICE_TOKEN:-}" -d "$PAYLOAD"
→ Document the slot-filling network call in SKILL.md capabilities section, or remove the external HTTP dependency and implement slot-filling locally.
 scripts/slot-filling.sh:77
低危
Bash permission pattern too broad for mcporter 权限提升
allowed-tools declares 'Bash(mcporter:*)' which uses wildcard pattern. While mcporter is a legitimate MCP tool wrapper, the wildcard allows any mcporter subcommand invocation.
allowed-tools: Bash(mcporter:*) Read(*.md)
→ Consider specifying exact mcporter commands if the tool set is known and limited.
 SKILL.md:2
资源类型声明权限推断权限状态证据
文件系统 READ READ ✓ 一致 SKILL.md allows Read(*.md); script only reads markdown files
网络访问 NONE WRITE ✗ 越权 scripts/slot-filling.sh:77-82 makes HTTP POST to SLOT_SERVICE_URL
命令执行 WRITE WRITE ✓ 一致 Bash(mcporter:*) allows mcporter calls and slot-filling.sh execution

目录结构

9 文件 · 28.4 KB · 678 行
Markdown 8f · 552L Shell 1f · 126L
├─ 📁 references
│ ├─ 📁 personas
│ │ ├─ 📝 data-driven.md Markdown 24L · 712 B
│ │ ├─ 📝 friendly.md Markdown 24L · 1020 B
│ │ └─ 📝 professional.md Markdown 24L · 842 B
│ ├─ 📝 compliance.md Markdown 44L · 2.1 KB
│ ├─ 📝 domain-knowledge.md Markdown 102L · 4.9 KB
│ ├─ 📝 output-guide.md Markdown 100L · 2.9 KB
│ └─ 📝 tool-guide.md Markdown 88L · 5.7 KB
├─ 📁 scripts
│ └─ 🔧 slot-filling.sh Shell 126L · 3.7 KB
└─ 📝 SKILL.md Markdown 146L · 6.5 KB

安全亮点

✓ No malicious code patterns found (no base64, eval, obfuscation, reverse shell)
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env reading)
✓ No credential harvesting or exfiltration
✓ No curl|bash remote script execution
✓ Script includes proper error handling and input validation
✓ Mock mode available for safe testing without external calls
✓ No external dependencies with unpinned versions
✓ Fund advisor functionality appears legitimate with proper compliance rules