Low risk: risk score 20/100
Last scan: 2 days ago
VIN Recognition OCR - VIN识别
Recognizes vehicle frame number / VIN images and returns the VIN together with brand, manufacturer and related information.
A straightforward VIN OCR skill that reads local images and POSTs them to a third-party API. No malicious behavior, but undocumented network and filesystem access warrant declaration.
Skill name: VIN Recognition OCR - VIN识别
Analysis time: 29.3s
Engine: pi
Verdict: can be installed
Add 'network:WRITE' and 'filesystem:READ' to the skill's declared capabilities in SKILL.md to accurately reflect what the script does.

Security findings (6)

Severity | Finding | Location
Low
Undeclared outbound network access
The script makes HTTPS POST requests to https://api.jisuapi.com/vinrecognition/recognize to perform VIN OCR, but SKILL.md only describes the feature without declaring network:WRITE access.
resp = requests.post(VIN_RECOG_URL, params=params, data=data, timeout=15)
→ Add 'network:WRITE' to the skill's metadata and documentation to accurately reflect the capability requirement.
vinrecognition.py:47
Low
Undeclared local filesystem read access
The script reads local image files from disk (path/image/file fields) and converts them to base64 before sending to the API. SKILL.md does not declare filesystem:READ.
with open(path, 'rb') as f:
    raw = f.read()
→ Add 'filesystem:READ' to the skill's declared capabilities since the skill reads local files for image processing.
vinrecognition.py:95
Info
Path traversal protection present
The _normalize_local_path function correctly blocks absolute paths and '..' path traversal, preventing reads outside the working directory. This is good security hygiene.
if norm.startswith('..') or norm == '..':
→ None — this is a positive security finding.
vinrecognition.py:17
Info
Credential from environment only
The API key is read exclusively from the JISU_API_KEY environment variable at runtime. No hardcoded credentials are present in the source code.
appkey = os.getenv('JISU_API_KEY')
→ None — this is a positive security finding.
vinrecognition.py:120
Info
API key validated before use
The script exits early with a clear error message if JISU_API_KEY is not set, preventing silent failures or credential leakage.
if not appkey:
    print('Error: JISU_API_KEY must be set in environment.', file=sys.stderr)
    sys.exit(1)
→ None — this is a positive security finding.
vinrecognition.py:122
Info
No data exfiltration detected
The script only sends image data to the declared JisuAPI endpoint and returns structured OCR results. No credential forwarding, key iteration, or secondary exfiltration channels exist.
resp = requests.post(VIN_RECOG_URL, params=params, data=data, timeout=15)
→ None — this is a positive security finding.
vinrecognition.py:47
Resource type | Declared permission | Inferred permission | Status | Evidence
Network access | NONE | WRITE | ✓ Consistent | vinrecognition.py:47 — requests.post(VIN_RECOG_URL, ...)
Filesystem | NONE | READ | ✓ Consistent | vinrecognition.py:95 — open(path, 'rb')
Environment variables | READ | READ | ✓ Consistent | vinrecognition.py:120 — os.getenv('JISU_API_KEY')
Command execution | NONE | NONE | |
Indicators: 4 findings (1 high)
High | API key | Suspected hardcoded credential
API_KEY="your_appkey_here"
SKILL.md:26
Medium | External URL
https://www.jisuapi.com/
SKILL.md:9
Medium | External URL
https://www.jisuapi.com/api/vinrecognition/
SKILL.md:19
Medium | External URL
https://api.jisuapi.com/vinrecognition/recognize
vinrecognition.py:17

Directory structure

2 files · 10.4 KB · 304 lines
Python: 1 file · 159 lines; Markdown: 1 file · 145 lines
├─ 📝 SKILL.md Markdown 145L · 5.8 KB
└─ 🐍 vinrecognition.py Python 159L · 4.6 KB

Dependency analysis (1)

Package | Version | Source | Known vulnerabilities | Notes
requests | * | pip | None known at time of analysis | Version not pinned

Security highlights

✓ Path traversal protection prevents reading files outside the working directory
✓ API key is read exclusively from environment variable, not hardcoded
✓ Script validates API key presence before making any network calls
✓ No credential harvesting or iteration over environment variables
✓ No subprocess, shell execution, or eval usage
✓ No hidden HTML comments or steganographic payloads
✓ No curl|bash or wget|sh remote script execution
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env
✓ HTTPS is used for the external API call
✓ Timeout of 15 seconds prevents indefinite hanging