free-scaling 安全扫描报告 — 低风险 | ClawSafe

12 /100

free-scaling

$0 test-time scaling with online learning. Classify, generate, and verify using free model ensembles via NVIDIA NIM

Legitimate AI ensemble classification/generation tool using NVIDIA NIM APIs with optional Copilot integration. All functionality is properly documented; credential access is limited to necessary GitHub token refresh for Copilot features.

技能名称free-scaling

分析耗时47.7s

引擎pi

✓

可以安装

This skill is safe to use. Ensure GitHub OAuth tokens are protected at rest and audit ~/.openclaw credential files for proper permissions.

安全发现 2 项

严重性	安全发现	位置
低危	GitHub OAuth token access for Copilot integration 敏感访问 Code reads ghu_* tokens from ~/.openclaw/agents//agent/auth-profiles.json to refresh Copilot session tokens. This is necessary for the documented cp- model aliases feature. `if tok.startswith("ghu_"): oauth_token = tok` → Ensure credential files have restricted permissions (600) and are not world-readable	`nim_ensemble/voter.py:79`
提示	Optional Copilot feature properly documented 文档欺骗 SKILL.md mentions 'Optional: GitHub Copilot token for cp-* model aliases' which aligns with the code's Copilot refresh functionality. Optional: GitHub Copilot token for `cp-*` model aliases → No action needed - documentation is accurate	`SKILL.md:28`

资源类型	声明权限	推断权限	状态	证据
网络访问	`READ`	`READ`	✓ 一致	SKILL.md:line1 - Uses NIM/Copilot APIs
文件系统	`NONE`	`READ`	✓ 一致	nim_ensemble/voter.py:79-108 - Reads GitHub auth-profiles.json and token cache
环境变量	`READ`	`READ`	✓ 一致	voter.py:60 - Reads NVIDIA_API_KEY only
命令执行	`NONE`	`NONE`	—	No subprocess/eval/exec found

3 项发现

🔗

中危外部 URL 外部 URL

https://build.nvidia.com

README.md:3

🔗

中危外部 URL 外部 URL

https://integrate.api.nvidia.com/v1/chat/completions

nim_ensemble/models.py:3

🔗

中危外部 URL 外部 URL

https://api.individual.githubcopilot.com/chat/completions

nim_ensemble/voter.py:39

目录结构

18 文件 · 171.9 KB · 4916 行

Python 16f · 4526L Markdown 2f · 390L

├─ ▾ 📁 nim_ensemble

│ ├─ 🐍 __init__.py Python 57L · 1.9 KB

│ ├─ 🐍 benchmark.py Python 385L · 13.3 KB

│ ├─ 🐍 capability_map.py Python 401L · 15.1 KB

│ ├─ 🐍 cascade.py Python 702L · 26.0 KB

│ ├─ 🐍 cli.py Python 227L · 8.1 KB

│ ├─ 🐍 elo.py Python 247L · 7.9 KB

│ ├─ 🐍 evolve.py Python 103L · 3.4 KB

│ ├─ 🐍 feedback.py Python 294L · 9.7 KB

│ ├─ 🐍 generate.py Python 338L · 11.7 KB

│ ├─ 🐍 health.py Python 124L · 3.9 KB

│ ├─ 🐍 models.py Python 206L · 5.9 KB

│ ├─ 🐍 parser.py Python 111L · 4.0 KB

│ └─ 🐍 voter.py Python 453L · 15.2 KB

├─ ▾ 📁 presets

│ ├─ 🐍 __init__.py Python 1L · 59 B

│ └─ 🐍 audit.py Python 391L · 14.1 KB

├─ ▾ 📁 tests

│ └─ 🐍 test_core.py Python 486L · 18.2 KB

├─ 📝 README.md Markdown 194L · 6.7 KB

└─ 📝 SKILL.md Markdown 196L · 6.8 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`stdlib-only`	`N/A`	Python 3.10+ stdlib	否	No external pip dependencies - uses urllib.request for HTTP

安全亮点

✓ No shell execution, subprocess, eval, or exec patterns found

✓ Uses stdlib only (no pip dependencies) - minimal supply chain risk

✓ All external API calls go to legitimate NVIDIA NIM and GitHub Copilot endpoints

✓ No base64-encoded payloads or obfuscated code

✓ No data exfiltration to unknown infrastructure

✓ No credential theft beyond what's necessary for documented features

✓ No persistence mechanisms (no cron, startup hooks, or backdoors)

✓ ThreadPoolExecutor used correctly for parallel API calls with proper error handling