Scan report
5 /100
amber-hunter
Local AI long-term memory and context management skill for Huper ecosystem
Amber-Hunter is a legitimate local-first AI memory management skill with proper encryption (AES-256-GCM), OS keychain credential storage, and declared cloud sync with E2E encryption.
Safe to install
This skill is safe to use. The cloud sync to huper.org is optional and all data is encrypted before transmission. No malicious behavior detected.
Security findings: 2

| Severity | Finding | Location |
|---|---|---|
| Info | All capabilities are properly documented (check: documentation deception) | SKILL.md:1 |
| Info | Credential storage follows security best practices (check: credential theft) | core/keychain.py:1 |
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Consistent | Reads session files from ~/.openclaw/agents/main/sessions/ |
| Network access | READ | READ | ✓ Consistent | POST to localhost:18998 and https://huper.org/api/ingest; both documented |
| Command execution | NONE | NONE | — | No shell execution from skill code; subprocess only used for keychain tools (sec… |
| Environment variables | READ | READ | ✓ Consistent | Reads AMBER_TOKEN and MINIMAX_API_KEY from env; documented |
| Database | READ | READ | ✓ Consistent | SQLite in ~/.amber-hunter/hunter.db; local only |
Findings: 8

| Severity | Category | Value | Location |
|---|---|---|---|
| Medium | External URL | https://huper.org | CHANGELOG.md:339 |
| Medium | External URL | https://huper.org/dashboard | README.md:33 |
| Medium | External URL | https://huper.org/api | README.md:43 |
| Medium | External URL | https://huper.org/api/ingest | SKILL.md:73 |
| Medium | External URL | http://127.0.0.1:18998 | amber_hunter.py:736 |
| Medium | External URL | https://api.minimaxi.com/anthropic/v1/messages | core/llm.py:130 |
| Medium | External URL | https://api.groq.com/openai/v1/chat/completions | core/llm.py:632 |
| Medium | External URL | https://api.minimaxi.com/anthropic | core/llm.py:700 |

Directory structure
35 files · 356.5 KB · 9281 lines

| Language | Files | Lines |
|---|---|---|
| Python | 20 | 6861 |
| Markdown | 7 | 1204 |
| JavaScript | 3 | 712 |
| Shell | 3 | 325 |
| TypeScript | 1 | 166 |
| Text | 1 | 13 |
├─ core/
│  ├─ __init__.py (Python)
│  ├─ correction.py (Python)
│  ├─ crypto.py (Python)
│  ├─ db.py (Python)
│  ├─ extractor.py (Python)
│  ├─ keychain.py (Python)
│  ├─ llm.py (Python)
│  ├─ models.py (Python)
│  ├─ profile.py (Python)
│  ├─ session.py (Python)
│  ├─ vector.py (Python)
│  └─ wal.py (Python)
├─ proactive/
│  ├─ hooks/
│  │  └─ openclaw/
│  │     ├─ handler.js (JavaScript)
│  │     ├─ handler.ts (TypeScript)
│  │     └─ HOOK.md (Markdown)
│  ├─ scripts/
│  │  └─ proactive-check.js (JavaScript)
│  ├─ proactive-check.js (JavaScript)
│  └─ README.md (Markdown)
├─ tests/
│  ├─ test_api/
│  │  ├─ __init__.py (Python)
│  │  ├─ test_recall.py (Python)
│  │  └─ test_status.py (Python)
│  ├─ __init__.py (Python)
│  ├─ conftest.py (Python)
│  ├─ test_crypto.py (Python)
│  └─ test_sync.py (Python)
├─ amber_hunter.py (Python)
├─ CHANGELOG.md (Markdown)
├─ CLAUDE.md (Markdown)
├─ freeze.sh (Shell)
├─ install.sh (Shell)
├─ README.md (Markdown)
├─ RELEASE_CHECKLIST.md (Markdown)
├─ release.sh (Shell)
├─ requirements.txt (Text)
└─ SKILL.md (Markdown)
Dependency analysis: 8

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| fastapi | 0.115.0 | pip | No | Version pinned |
| uvicorn | 0.30.0 | pip | No | Version pinned |
| pydantic | 2.9.0 | pip | No | Version pinned |
| cryptography | 43.0.0 | pip | No | Version pinned |
| httpx | 0.27.0 | pip | No | Version pinned |
| sentence-transformers | >=2.2.0 | pip | No | Lower bound only |
| numpy | >=1.24.0 | pip | No | Lower bound only |
| lancedb | >=0.4.0 | pip | No | Lower bound only |
Security highlights
✓ AES-256-GCM encryption for all stored data with salt and nonce
✓ Master password stored in OS keychain (macOS security, Linux secret-tool, Windows cmdkey)
✓ E2E encryption before cloud sync upload
✓ Bearer token authentication for all sensitive endpoints
✓ CORS restricted to https://huper.org and localhost only
✓ Subprocess used only for legitimate tools (security CLI, secret-tool, curl for LLM calls)
✓ No eval(), exec(), or base64 execution of arbitrary code
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No reverse shell, C2 communication, or hidden exfiltration
✓ Open source with clear documentation