中文 EN

扫描报告

扫描新文件

可信 — 风险评分 5/100
上次扫描:1 天前 重新扫描
5 /100
kai-report-creator
Generate beautiful single-file HTML reports with mixed text, charts, KPIs, timelines, diagrams, and images — zero build dependencies, mobile responsive, embeddable anywhere.
kai-report-creator is a legitimate HTML report generation skill with no malicious code, credential access, or hidden functionality.
技能名称kai-report-creator
分析耗时41.1s
引擎pi
可以安装
Approve for use. No security concerns identified.
资源类型声明权限推断权限状态证据
文件系统 WRITE WRITE ✓ 一致 SKILL.md declares Write tool for output HTML files and IR files
网络访问 READ READ ✓ 一致 SKILL.md references WebFetch for --from <URL> and CDN libraries in templates
命令执行 NONE NONE No subprocess/os.system calls found; export-image.py uses only Playwright sync_a…
技能调用 NONE NONE No cross-skill invocations found
浏览器 READ READ ✓ 一致 SKILL.md: --export-image uses Playwright chromium; scripts/export-image.py launc…
22 项发现
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/corporate-blue.html
README.md:98
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/minimal.html
README.md:99
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/dark-tech.html
README.md:102
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/dark-board.html
README.md:103
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/data-story.html
README.md:106
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/en/newspaper.html
README.md:107
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/corporate-blue.html
README.zh-CN.md:98
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/minimal.html
README.zh-CN.md:99
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/dark-tech.html
README.zh-CN.md:102
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/dark-board.html
README.zh-CN.md:103
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/data-story.html
README.zh-CN.md:106
🔗
中危 外部 URL 外部 URL
https://kaisersong.github.io/kai-report-creator/templates/zh/newspaper.html
README.zh-CN.md:107
🔗
中危 外部 URL 外部 URL
http://www.w3.org/2000/svg
references/rendering-rules.md:276
🔗
中危 外部 URL 外部 URL
https://api.saasplatform.example.com/v1
templates/en/corporate-blue.html:610
🔗
中危 外部 URL 外部 URL
https://placehold.co/860x400/E3EDFF/1A56DB?text=Product+Architecture+Overview
templates/en/corporate-blue.html:701
🔗
中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/github-dark.min.css
templates/en/dark-tech.html:8
🔗
中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js
templates/en/dark-tech.html:9
🔗
中危 外部 URL 外部 URL
https://placehold.co/860x400/1E293B/818CF8?text=System+Topology+Diagram
templates/en/dark-tech.html:746
🔗
中危 外部 URL 外部 URL
https://placehold.co/860x400/F3F4F6/9CA3AF?text=Satisfaction+Heatmap
templates/en/minimal.html:631
🔗
中危 外部 URL 外部 URL
https://api.aiprod.example.com/v1
templates/zh/corporate-blue.html:626
🔗
中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/github.min.css
templates/zh/minimal.html:8
🔗
中危 外部 URL 外部 URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/languages/python.min.js
templates/zh/minimal.html:10

目录结构

52 文件 · 844.9 KB · 15540 行
HTML 18f · 11353L Markdown 16f · 3106L Python 7f · 703L CSS 8f · 344L Shell 1f · 25L Config 1f · 6L Text 1f · 3L
├─ 📁 docs
│ └─ 📁 superpowers
│ └─ 📁 specs
│ ├─ 📝 2026-04-02-content-aware-components-design.md Markdown 92L · 4.8 KB
│ └─ 📝 2026-04-04-kai-report-color-system-design.md Markdown 324L · 10.2 KB
├─ 📁 examples
│ ├─ 📁 en
│ │ ├─ 📄 business-report.html HTML 462L · 23.6 KB
│ │ └─ 📄 monthly-progress.html HTML 301L · 16.2 KB
│ ├─ 📁 zh
│ │ ├─ 📄 business-report.html HTML 469L · 23.1 KB
│ │ └─ 📄 monthly-progress.html HTML 290L · 15.6 KB
│ ├─ 📝 business-report.report.md Markdown 61L · 1.4 KB
│ ├─ 📝 research-report.report.md Markdown 46L · 1.7 KB
│ └─ 📝 tech-doc.report.md Markdown 64L · 1.7 KB
├─ 📁 references
│ ├─ 📝 design-quality.md Markdown 119L · 6.7 KB
│ ├─ 📝 html-shell-template.md Markdown 691L · 40.9 KB
│ ├─ 📝 rendering-rules.md Markdown 323L · 15.4 KB
│ ├─ 📝 theme-css.md Markdown 40L · 2.3 KB
│ └─ 📝 toc-and-template.md Markdown 37L · 1.9 KB
├─ 📁 scripts
│ └─ 🐍 export-image.py Python 160L · 5.9 KB
├─ 📁 templates
│ ├─ 📁 en
│ │ ├─ 📄 corporate-blue.html HTML 1073L · 59.4 KB
│ │ ├─ 📄 dark-board.html HTML 661L · 39.8 KB
│ │ ├─ 📄 dark-tech.html HTML 1040L · 59.1 KB
│ │ ├─ 📄 data-story.html HTML 484L · 32.5 KB
│ │ ├─ 📄 minimal.html HTML 1006L · 56.0 KB
│ │ └─ 📄 newspaper.html HTML 586L · 35.7 KB
│ ├─ 📁 themes
│ │ ├─ 📄 corporate-blue.css CSS 20L · 1.6 KB
│ │ ├─ 📄 dark-board.css CSS 31L · 2.5 KB
│ │ ├─ 📄 dark-tech.css CSS 16L · 1.2 KB
│ │ ├─ 📄 data-story.css CSS 22L · 1.7 KB
│ │ ├─ 📄 minimal.css CSS 14L · 1.1 KB
│ │ ├─ 📄 newspaper.css CSS 26L · 2.0 KB
│ │ └─ 📄 shared.css CSS 181L · 10.7 KB
│ └─ 📁 zh
│ ├─ 📄 corporate-blue.html HTML 1099L · 59.0 KB
│ ├─ 📄 dark-board.html HTML 672L · 39.8 KB
│ ├─ 📄 dark-tech.html HTML 961L · 54.3 KB
│ ├─ 📄 data-story.html HTML 485L · 32.8 KB
│ ├─ 📄 minimal.html HTML 902L · 51.3 KB
│ └─ 📄 newspaper.html HTML 585L · 35.1 KB
├─ 📁 tests
│ ├─ 📁 fixtures
│ │ ├─ 📄 color_system_report.html HTML 99L · 2.9 KB
│ │ └─ 📄 minimal_report.html HTML 178L · 6.3 KB
│ ├─ 🐍 __init__.py Python 0 B
│ ├─ 🐍 conftest.py Python 49L · 1.2 KB
│ ├─ 🐍 test_color_system_contract.py Python 68L · 2.4 KB
│ ├─ 🐍 test_color_system_docs.py Python 63L · 2.8 KB
│ ├─ 🐍 test_export_config.py Python 114L · 4.9 KB
│ └─ 🐍 test_screenshot_behavior.py Python 249L · 10.7 KB
├─ 📁 themes
│ ├─ 📁 _example-warm-editorial
│ │ ├─ 📝 reference.md Markdown 60L · 1.7 KB
│ │ └─ 📄 theme.css CSS 34L · 923 B
│ ├─ 📝 README.md Markdown 104L · 2.5 KB
│ └─ 📝 README.zh-CN.md Markdown 104L · 2.7 KB
├─ 📄 pytest.ini Config 6L · 125 B
├─ 📝 README.md Markdown 370L · 19.8 KB
├─ 📝 README.zh-CN.md Markdown 370L · 19.2 KB
├─ 📄 requirements-test.txt Text 3L · 52 B
├─ 🔧 run_tests.sh Shell 25L · 864 B
└─ 📝 SKILL.md Markdown 301L · 18.7 KB

依赖分析 3 项

包名版本来源已知漏洞备注
playwright >=1.40 pip Version not pinned; test-only dependency required by --export-image; gracefully handled if absent
pytest >=7.0 pip Test-only dependency, not installed by the skill itself
pytest-playwright >=0.4 pip Test-only dependency, not installed by the skill itself

安全亮点

✓ No subprocess, os.system, or shell execution calls in any Python script
✓ No credential harvesting, environment variable iteration for secrets, or sensitive path access
✓ No base64-encoded payloads or obfuscated code
✓ No reverse shell, C2, or data exfiltration patterns
✓ No hidden HTML instructions or prompt injection vectors
✓ Playwright dependency is documented and gracefully handled (ImportError with clear install instructions)
✓ No remote script execution (curl|bash, wget|sh)
✓ All functionality is clearly documented in SKILL.md with consistent doc-to-code alignment
✓ Test infrastructure uses standard pytest with no elevation of privileges
✓ External URLs are limited to legitimate CDN resources (highlight.js, Chart.js, ECharts) and placeholder images — no code delivery from external sources