中文 EN
开始可信审查
安全决策报告

oracle-report

Skill contains multiple hardcoded API credentials that should use environment variables, creating significant credential exposure risk through source code visibility and process argument logging.

安装决策优先 来源: 手动上传 扫描时间: 2026/4/4
文件 3
IOC 21
越权项 1
发现 1
最直接的威胁证据
01
Hardcoded credentials visible in source code reconnaissance · scripts/oracle_report_generator.py
02
Credentials passed as subprocess arguments, visible in process listings 凭证访问 · scripts/oracle_report_generator.py
03
Attacker with repo access or process listing visibility can steal API keys 最终危害 · N/A

为什么得出这个结论

3/4 个维度触发
阻止
声明与实际能力

发现 1 项声明之外的能力或越权行为。

阻止
隐藏执行与外联

提取到 4 个高危 IOC 或外联信号。

阻止
攻击链与高危发现

报告包含 3 步攻击链,另有 1 项高危或严重发现。

通过
依赖与供应链卫生

依赖结构存在,但暂未看到明显高危告警。

攻击链

01
Hardcoded credentials visible in source code

reconnaissance · scripts/oracle_report_generator.py:114

02
Credentials passed as subprocess arguments, visible in process listings

凭证访问 · scripts/oracle_report_generator.py:340

03
Attacker with repo access or process listing visibility can steal API keys

最终危害 · N/A

风险分是怎么被拉高的

Hardcoded API credentials +25

4 API keys hardcoded in source: QVERIS_API_KEY, MX_APIKEY, TUSHARE_TOKEN, FINNHUB_API_KEY

Undeclared shell execution +10

SKILL.md does not declare subprocess usage with embedded credentials

Credential exposure through process args +10

API keys passed as command-line arguments to subprocess, visible in process listings

最关键的证据

高危 凭证窃取

Hardcoded QVeris API Key

QVERIS_API_KEY is hardcoded as 'sk-TR53nxR09FDDTyjRATrS0lHi5yT0E3SI3U2NU2JBHT0' at line 114. This should be read from environment variable as declared in SKILL.md requires section.

scripts/oracle_report_generator.py:114
Replace with: QVERIS_API_KEY = os.environ.get('QVERIS_API_KEY', '')

声明能力 vs 实际能力

文件系统 通过
声明 NONE
推断 WRITE
SKILL.md:save report to workspace
网络访问 通过
声明 NONE
推断 READ
SKILL.md:data sources declared
命令执行 阻止
声明 NONE
推断 WRITE
scripts/oracle_report_generator.py:subprocess.run commands not declared

可疑产物与外联

严重 API 密钥
sk-TR53nxR09FDDTyjRATrS0lHi5yT0E3SI3U2NU2JBHT0

scripts/oracle_report_generator.py:114

高危 API 密钥
API_KEY = "sk-TR53nxR09FDDTyjRATrS0lHi5yT0E3SI3U2NU2JBHT0"

scripts/oracle_report_generator.py:114

高危 API 密钥
APIKEY = "mkt_RyCLYiWKZNRjp-GYkkT4VhDlb9l94muesZydiL7KMXM"

scripts/oracle_report_generator.py:123

高危 API 密钥
API_KEY = "d71s571r01qpd27931ggd71s571r01qpd27931h0"

scripts/oracle_report_generator.py:125

中危 外部 URL
http://qt.gtimg.cn/q=

scripts/oracle_report_generator.py:291

中危 外部 URL
https://finance.sina.com.cn

scripts/oracle_report_generator.py:354

中危 外部 URL
https://hq.sinajs.cn/list=

scripts/oracle_report_generator.py:364

中危 外部 URL
http://qt.gtimg.cn/q=sh000001

scripts/oracle_report_generator.py:544

中危 外部 URL
https://mkapi2.dfcfs.com/finskillshub/api/claw/query

scripts/oracle_report_generator.py:622

中危 外部 URL
http://hq.sinajs.cn/list=fx_susdcny

scripts/oracle_report_generator.py:1212

中危 外部 URL
http://qt.gtimg.cn/q=r_hkHSI

scripts/oracle_report_generator.py:1340

中危 外部 URL
https://fred.stlouisfed.org/graph/fredgraph.csv?id=DGS30&cosd=

scripts/oracle_report_generator.py:1498

依赖与供应链

包名版本来源漏洞备注
akshare not pinned pip Version not specified in code, no requirements.txt
requests not pinned pip Used for HTTP requests
urllib stdlib python Standard library

文件构成

3 个文件 · 4296 行
Python 1 个文件 · 4094 行Markdown 1 个文件 · 185 行JSON 1 个文件 · 17 行
需关注文件 · 1
scripts/oracle_report_generator.py Python · 4094 行
Hardcoded QVeris API Key · sk-TR53nxR09FDDTyjRATrS0lHi5yT0E3SI3U2NU2JBHT0 · API_KEY = "sk-TR53nxR09FDDTyjRATrS0lHi5yT0E3SI3U2NU2JBHT0" · APIKEY = "mkt_RyCLYiWKZNRjp-GYkkT4VhDlb9l94muesZydiL7KMXM" · API_KEY = "d71s571r01qpd27931ggd71s571r01qpd27931h0" · http://qt.gtimg.cn/q= · https://finance.sina.com.cn · https://hq.sinajs.cn/list= · http://qt.gtimg.cn/q=sh000001 · https://mkapi2.dfcfs.com/finskillshub/api/claw/query · http://hq.sinajs.cn/list=fx_susdcny · http://qt.gtimg.cn/q=r_hkHSI · https://fred.stlouisfed.org/graph/fredgraph.csv?id=DGS30&cosd= · http://hq.sinajs.cn/list=nf_AU0 · https://finance.sina.com.cn/futuremarket/quotes/au.html · https://push2.eastmoney.com/api/qt/clist/get?pn=1&pz=50&po=1&np=1&ut=bd1d9ddb01984300aa256e6293924598&fltt=2&invt=2&fid=f3&fs=m:118&fields=f12 · http://hq.sinajs.cn/list=hf_CL · http://hq.sinajs.cn/list=nf_SC0 · https://datacenter-web.eastmoney.com/api/data/v1/get?reportName=RPT_MARGIN_FINANCE&columns=ALL&filter=&pageSize=1&pageNumber=1&sortColumns=TRADE_DATE&sortTypes=-1 · http://vip.stock.finance.sina.com.cn/quotes_service/api/json_v2.php/Market_Center.getHQNodeData?page=1&num=6000&sort=changepercent&asc=0&node=hs_a&_s_r_a=page · http://push2.eastmoney.com/api/qt/clist/get?pn=1&pz=6000&po=1&fid=f3&fs=m:0+t:6 · https://push2.eastmoney.com/api/qt/stock/fflow/kline/get?secid=1.000001&fields1=f1
其他文件 · SKILL.md · _meta.json

安全亮点

Financial data fetching is legitimate and declared in SKILL.md data sources
No evidence of credential exfiltration or data theft to external C2 servers
Uses standard financial data APIs (Tencent, Sina, AKShare, Eastmoney, FRED)
Report generation and file saving behavior aligns with documented functionality