中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 15/100
上次扫描:1 天前 重新扫描
15 /100
yaoyao-memory
四层渐进式长时记忆系统,让 AI 跨会话保持上下文、沉淀知识、持续进化
Legitimate memory management skill with straightforward file operations and declared IMA sync capability. Minor documentation issues but no malicious behavior.
技能名称yaoyao-memory
分析耗时44.2s
引擎pi
可以安装
Safe to use. Consider clarifying the IMA credential requirements and the rm command in documentation for better user understanding.

安全发现 3 项

严重性 安全发现 位置
低危
IMA credential access not formally declared 文档欺骗
The skill accesses IMA credentials from environment variables and ~/.config/ima/ files but this is only explained in usage text, not formally declared as a capability.
client_id = os.environ.get('IMA_OPENAPI_CLIENTID')
→ Add environment:READ to declared capabilities if this access is considered a resource usage.
 scripts/sync_ima.py:13
低危
Dangerous rm commands in documentation 文档欺骗
SKILL.md line 887 shows 'rm -rf ~' style commands in the uninstall section. This is for user guidance but uses dangerous patterns.
rm -rf ~/.openclaw/workspace/MEMORY.md
→ Use safer deletion patterns or clarify these are user commands, not skill execution.
 SKILL.md:887
提示
IMA credentials stored in plain text files 敏感访问
The documentation instructs users to store API credentials in plain text files at ~/.config/ima/. While this is a common pattern, it could be improved with a warning about file permissions.
echo 'your_client_id' > ~/.config/ima/client_id
→ Add note about setting file permissions (chmod 600) for credential files.
 SKILL.md:45
资源类型声明权限推断权限状态证据
文件系统 WRITE WRITE ✓ 一致 All scripts use pathlib for file operations
网络访问 NONE READ ✓ 一致 sync_ima.py:52 makes HTTP POST to ima.qq.com
环境变量 NONE READ ✓ 一致 sync_ima.py:13-19 reads IMA_OPENAPI_* env vars
命令执行 NONE NONE No subprocess or shell commands in code
1 严重 3 项发现
💀
严重 危险命令 危险 Shell 命令
rm -rf ~
SKILL.md:887
🔗
中危 外部 URL 外部 URL
https://ima.qq.com/agent-interface
SKILL.md:31
🔗
中危 外部 URL 外部 URL
https://ima.qq.com/
scripts/sync_ima.py:40

目录结构

10 文件 · 78.4 KB · 2711 行
Python 7f · 1517L Markdown 3f · 1194L
├─ 📁 references
│ ├─ 📝 heartbeat-maintenance.md Markdown 125L · 2.7 KB
│ └─ 📝 memory-lifecycle.md Markdown 113L · 2.4 KB
├─ 📁 scripts
│ ├─ 🐍 cleanup.py Python 142L · 4.5 KB
│ ├─ 🐍 generate_index.py Python 196L · 5.9 KB
│ ├─ 🐍 init_memory.py Python 379L · 11.0 KB
│ ├─ 🐍 migrate.py Python 129L · 4.1 KB
│ ├─ 🐍 promote.py Python 224L · 6.9 KB
│ ├─ 🐍 summarize.py Python 219L · 6.6 KB
│ └─ 🐍 sync_ima.py Python 228L · 7.6 KB
└─ 📝 SKILL.md Markdown 956L · 26.6 KB

安全亮点

✓ No subprocess or shell command execution in code
✓ No base64 encoding, obfuscation, or anti-analysis techniques
✓ No credential exfiltration - IMA keys stay local for API authentication only
✓ Clean Python standard library usage (pathlib, json, urllib)
✓ All file operations are within documented workspace scope
✓ No network calls to unknown/undeclared external IPs
✓ Supports --dry-run for safe preview of destructive operations
✓ No hidden functionality - all scripts are straightforward file/text processing