Low Risk — Risk Score 15/100
Last scan: 1 day ago
openclaw-model-rankings
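A localized OpenRouter model catalog and Q&A filtering Skill. Used for scenarios such as OpenRouter model selection, price comparison, and model ranking recommendations.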
A benign OpenRouter model catalog fetcher that reads API data and writes normalized JSON, with no malicious indicators found.
Skill Name: openclaw-model-rankings
Duration: 35.8s
Engine: pi
Safe to install
Approve for use. Pin the `requests` dependency to a specific version for better supply chain hygiene.

Findings 2 items

Severity Finding Location
Low
Unpinned requests dependency Supply Chain
The script imports 'requests' without a version constraint. While requests itself is a well-maintained package, unpinned dependencies can lead to supply chain risks if a malicious version is published to PyPI.
import requests
→ Add a requirements.txt or use pip freeze / poetry / pdm to pin requests to a known-good version (e.g., requests>=2.31.0)
scripts/fetch-rankings.py:11
Low
Filesystem WRITE not explicitly declared Doc Mismatch
SKILL.md declares 'permission: read' for the fetch-rankings tool, but the implementation writes to data/model-catalog.json. This is a minor doc-to-code mismatch, though the write is clearly in support of the documented data feature.
permission: read
→ Update SKILL.md to declare filesystem:WRITE since the tool writes a local JSON catalog
SKILL.md:9
| Resource | Declared | Inferred | Status | Evidence |
| --- | --- | --- | --- | --- |
| Network | READ | READ | ✓ Aligned | scripts/fetch-rankings.py:16 requests.get(API_URL) |
| Filesystem | READ | WRITE | ✓ Aligned | scripts/fetch-rankings.py:241 CATALOG_PATH.open('w') — writes JSON, but directly… |
| Shell | NONE | NONE | | No subprocess, os.system, or shell execution found |
| Environment | NONE | READ | ✓ Aligned | scripts/fetch-rankings.py:305 reads OPENROUTER_API_KEY — declared in docs as opt… |
1 finding
Medium External URL
https://openrouter.ai/api/v1/models
scripts/fetch-rankings.py:16

File Tree

2 files · 13.0 KB · 391 lines
Python 1f · 313L Markdown 1f · 78L
├─ 📁 scripts
│ └─ 🐍 fetch-rankings.py Python 313L · 10.2 KB
└─ 📝 SKILL.md Markdown 78L · 2.8 KB

Dependencies 1 item

| Package | Version | Source | Known Vulns | Notes |
| --- | --- | --- | --- | --- |
| requests | * | pip | No | Version not pinned — no requirements.txt or lock file found |

Security Positives

✓ No shell execution, subprocess, or system command invocation found
✓ No credential harvesting or environment variable exfiltration — OPENROUTER_API_KEY is used only to authenticate the API request
✓ No obfuscation (no base64, eval, or encoded strings)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env secrets)
✓ No external IP or C2 communication — all network traffic goes to the legitimate OpenRouter API endpoint
✓ No persistence mechanisms (no cron, startup hooks, or backdoors)
✓ Data write is directly tied to the documented feature (local model catalog)