扫描报告
15 /100
agent-vitamins
Daily self-improvement for AI agents. Fetches curated briefs from Agent Vitamins with actionable improvements.
A legitimate documentation-only skill that fetches curated AI agent improvement briefs via MCP tools. No code execution, filesystem access, or credential handling. External service reference is clearly disclosed.
可以安装
Safe to use. The skill is well-documented and requires user approval before any recommended improvements are implemented.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No filesystem access declared or inferred |
| 网络访问 | NONE | NONE | — | Network access delegated to MCP server; skill only provides recommendations |
| 命令执行 | NONE | NONE | — | No shell execution in skill |
| 环境变量 | NONE | NONE | — | No environment variable access |
| 技能调用 | NONE | NONE | — | Skill only makes recommendations, does not invoke other skills |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser automation |
| 数据库 | NONE | NONE | — | No database access |
1 项发现
中危 外部 URL 外部 URL
https://agentvitamins.com SKILL.md:32 目录结构
1 文件 · 5.1 KB · 138 行 Markdown 1f · 138L
└─
SKILL.md
Markdown
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
mcp-agent-vitamins | not specified | npm (npx) | 否 | External MCP package; verify integrity before use |
安全亮点
✓ Clear documentation with well-defined behavior and rules
✓ User approval required before implementing any recommendations
✓ No automatic code execution - purely advisory role
✓ No filesystem, shell, or credential access
✓ Transparent about external service dependency (agentvitamins.com)
✓ Honest skipping policy documented - explains why items are skipped