中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:2 days ago Rescan
5 /100
workwork
Academic review writer and formatting assistant for Chinese academic papers
This is a legitimate academic document processing skill with properly declared filesystem and network access for reference checking and document generation. No malicious behavior detected.
Skill Nameworkwork
Duration40.6s
Enginepi
Safe to install
This skill is safe to use for its documented purpose of academic paper validation and formatting.
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned SKILL.md declares file reading for markdown input
Filesystem WRITE WRITE ✓ Aligned SKILL.md declares report generation and file output
Network READ READ ✓ Aligned api.crossref.org calls for reference verification are documented
Shell WRITE WRITE ✓ Aligned Auto-open functionality uses subprocess, declared in docs
2 findings
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/wordprocessingml/2006/main
scripts/extract_ref_format.py:20
🔗
Medium External URL 外部 URL
https://api.crossref.org/works?query=
scripts/literature_integrity_checker.py:299

File Tree

25 files · 221.1 KB · 6621 lines
Python 14f · 4131L Markdown 7f · 1818L JavaScript 2f · 530L YAML 1f · 88L JSON 1f · 54L
├─ 📁 references
│ ├─ 📝 features_checklist.md Markdown 464L · 11.7 KB
│ └─ 📝 workflow_guide.md Markdown 415L · 11.1 KB
├─ 📁 scripts
│ ├─ 🐍 analyze_citation_pattern.py Python 224L · 8.1 KB
│ ├─ 🐍 check_duplicate_citations.py Python 130L · 4.3 KB
│ ├─ 📜 create_word_doc_v3.js JavaScript 175L · 4.3 KB
│ ├─ 📜 create_word_with_superscript.js JavaScript 355L · 9.4 KB
│ ├─ 🐍 document_format_checker.py Python 544L · 19.8 KB
│ ├─ 🐍 extract_and_fix_references.py Python 118L · 3.3 KB
│ ├─ 🐍 extract_ref_format.py Python 34L · 889 B
│ ├─ 🐍 filter_references.py Python 116L · 3.3 KB
│ ├─ 🐍 literature_integrity_checker_auto_open.py Python 361L · 13.8 KB
│ ├─ 🐍 literature_integrity_checker.py Python 520L · 20.5 KB
│ ├─ 🐍 merge_duplicate_citations_in_paragraphs.py Python 188L · 6.3 KB
│ ├─ 🐍 reference_accuracy_checker.py Python 468L · 16.7 KB
│ ├─ 🐍 reference_formatter.py Python 474L · 17.6 KB
│ ├─ 🐍 simple_verify.py Python 96L · 2.8 KB
│ ├─ 🐍 typo_grammar_checker.py Python 396L · 13.8 KB
│ └─ 🐍 unified_checker.py Python 462L · 16.4 KB
├─ 📁 templates
│ └─ 📋 ref_format_default.yml YAML 88L · 2.3 KB
├─ 📝 CHANGELOG.md Markdown 170L · 4.8 KB
├─ 📋 package.json JSON 54L · 1.8 KB
├─ 📝 README.md Markdown 214L · 6.5 KB
├─ 📝 SKILL.md Markdown 476L · 18.1 KB
├─ 📝 test_sample_with_errors.md Markdown 22L · 587 B
└─ 📝 test_sample.md Markdown 57L · 2.8 KB

Dependencies 3 items

PackageVersionSourceKnown VulnsNotes
docx ^9.6.1 npm No Standard document generation library
pyyaml * pip No For configuration file parsing
python-docx * pip No Optional, for Word document manipulation

Security Positives

✓ No credential harvesting or environment variable access
✓ No base64 encoded commands or obfuscated payloads
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No remote code execution patterns (curl|bash, wget|sh)
✓ No data exfiltration or C2 communications
✓ No reverse shell capabilities
✓ All subprocess/network operations are documented and relevant to the skill's purpose
✓ Uses standard libraries (urllib, subprocess) with legitimate academic document processing
✓ No hidden functionality - all capabilities match documentation