Low risk: risk score 15/100
Last scanned: 1 day ago
openclaw-model-rankings
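A localized OpenRouter model catalog and Q&A filtering Skill. Used for OpenRouter model selection, price comparison, model ranking recommendations and similar scenarios.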
A benign OpenRouter model catalog fetcher that reads API data and writes normalized JSON, with no malicious indicators found.
Skill name: openclaw-model-rankings
Analysis time: 35.8s
Engine: pi
OK to install
Approve for use. Pin the `requests` dependency to a specific version for better supply chain hygiene.

Security findings: 2

Severity / Finding / Location
Low
Unpinned requests dependency (Supply chain)
The script imports 'requests' without a version constraint. While requests itself is a well-maintained package, unpinned dependencies can lead to supply chain risks if a malicious version is published to PyPI.
import requests
→ Add a requirements.txt or use pip freeze / poetry / pdm to pin requests to a known-good version (e.g., requests>=2.31.0)
scripts/fetch-rankings.py:11
Low
Filesystem WRITE not explicitly declared (Documentation deception)
SKILL.md declares 'permission: read' for the fetch-rankings tool, but the implementation writes to data/model-catalog.json. This is a minor doc-to-code mismatch, though the write is clearly in support of the documented data feature.
permission: read
→ Update SKILL.md to declare filesystem:WRITE since the tool writes a local JSON catalog
SKILL.md:9
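| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Network access | READ | READ | ✓ Consistent | scripts/fetch-rankings.py:16 requests.get(API_URL) |
| Filesystem | READ | WRITE | ✓ Consistent | scripts/fetch-rankings.py:241 CATALOG_PATH.open('w') — writes JSON, but directly… |
| Command execution | NONE | NONE | | No subprocess, os.system, or shell execution found |
| Environment variables | NONE | READ | ✓ Consistent | scripts/fetch-rankings.py:305 reads OPENROUTER_API_KEY — declared in docs as opt… |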
1 finding
Medium
External URL (External URL)
https://openrouter.ai/api/v1/models
scripts/fetch-rankings.py:16

Directory structure

2 files · 13.0 KB · 391 lines
Python 1f · 313L Markdown 1f · 78L
├─ 📁 scripts
│ └─ 🐍 fetch-rankings.py Python 313L · 10.2 KB
└─ 📝 SKILL.md Markdown 78L · 2.8 KB

Dependency analysis: 1 item

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| requests | * | pip | | Version not pinned — no requirements.txt or lock file found |

Security highlights

✓ No shell execution, subprocess, or system command invocation found
✓ No credential harvesting or environment variable exfiltration — OPENROUTER_API_KEY is used only to authenticate the API request
✓ No obfuscation (no base64, eval, or encoded strings)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env secrets)
✓ No external IP or C2 communication — all network traffic goes to the legitimate OpenRouter API endpoint
✓ No persistence mechanisms (no cron, startup hooks, or backdoors)
✓ Data write is directly tied to the documented feature (local model catalog)