Low Risk — Risk Score 15/100
Last scan: 17 hr ago
ClawChimera · 融合怪测试 ECS (Fusion Monster ECS Test)
A comprehensive VPS performance and network testing Skill built on oneclickvirt/ecs, covering 12 tests including CPU/memory/disk benchmarks, streaming-media unlock, IP quality, and routing to the three major Chinese carriers.
This is a legitimate open-source VPS benchmarking tool (oneclickvirt/ecs) with clear documentation and publicly verifiable GitHub source; note that SKILL.md links the MIT-0 license while the README badge reports GPL-3.0, so confirm which license applies before redistributing. The main concern is that the default `-upload=true` behavior sends test results to a public paste service without explicit emphasis in SKILL.md.
Skill Name: ClawChimera · 融合怪测试 ECS
Duration: 48.8s
Engine: pi
Safe to install
Consider explicitly documenting the default upload behavior and making `-upload=false` the safer default, or prompting for user confirmation before uploading.

Findings 4 items

Severity · Finding · Category · Location

Low · Upload-to-pastebin default not prominently documented · Doc Mismatch · run.sh:295
The SKILL.md usage section describes `bash run.sh` without mentioning that `-upload=true` (the binary's default) causes test results to be uploaded to a public paste service; the destination is not named in SKILL.md. Users may unknowingly publish their VPS configuration and IP address.
"$binary" -menu=false "$@"  # -upload defaults to true, not -upload=false
→ Either pass -upload=false by default in run.sh (so uploading becomes opt-in), or prominently document the upload behavior in SKILL.md with a warning about data exposure.

Low · Undeclared clipboard access in analyze.sh · Sensitive Access · analyze.sh:327
The --copy flag in analyze.sh writes to the system clipboard via xclip/xsel/pbcopy, which is clipboard:WRITE access not declared in the SKILL.md capability section.
xclip -selection clipboard | xsel --clipboard --input | pbcopy  (the three alternatives, collapsed onto one line)
→ Declare clipboard:WRITE in the skill's capability manifest if clipboard access is a core feature.

Low · Undeclared local AI tool invocation · Doc Mismatch · analyze.sh:339
The --call-ai flag in analyze.sh can invoke local AI tools (llm, aichat, ollama) by piping the analysis prompt to them. This is a skill_invoke:WRITE capability that is not declared.
llm | aichat | ollama run "$MODEL"  (the three alternatives, collapsed onto one line)
→ Document this capability, or make --call-ai opt-in with explicit user confirmation.

Info · Binary not pinned to a specific version · Supply Chain · run.sh:144
run.sh resolves the version to download by querying the GitHub API (falling back to cnb.cool) for the latest release tag rather than pinning a known-good version. "latest" is a mutable reference: the binary fetched at run time can differ from the one reviewed, so a new release could break functionality or introduce unexpected behavior without any change to the skill itself.
ver=$(http_text "$GITHUB_API" | grep '"tag_name"' ...)
→ Pin a known-good version in skill.json (e.g., env: { ECS_VERSION: "1.2.3" }) and use it for downloads; pair the pin with a published checksum of the release archive so that neither GitHub nor a CDN mirror can substitute a different binary.
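Added example for the upload-default and version-pinning findings (illustrative code, not the skill's run.sh and not scanner output): a hardened launch path in shell that reads the goecs version from a pinned ECS_VERSION instead of the GitHub "latest" API, refuses a downloaded archive whose SHA-256 differs from a pinned ECS_SHA256, and keeps result upload off unless the caller opts in. The variables ECS_SHA256 and ECS_UPLOAD, the function names, and the confirmation prompt are this example's own; the `-upload=false` flag is the counterpart to the `-upload=true` default named in the finding, and the download itself is left to the existing curl/wget logic.

```shell
#!/usr/bin/env bash
# Added example, not the skill's own run.sh. Assumed inputs (set by skill.json
# env or the caller): ECS_VERSION (pinned tag), ECS_SHA256 (expected digest of
# the release archive), ECS_UPLOAD=1 to opt in to publishing results.
set -eu

# Return the pinned version, or fail loudly. No network lookup of "latest"
# happens here; an unset pin is treated as a configuration error.
resolve_version() {
  if [ -z "${ECS_VERSION:-}" ]; then
    echo "ECS_VERSION is not set; refusing to resolve 'latest' dynamically" >&2
    return 1
  fi
  case "$ECS_VERSION" in
    v*) printf '%s\n' "${ECS_VERSION#v}" ;;   # accept "v1.2.3" as well as "1.2.3"
    *)  printf '%s\n' "$ECS_VERSION" ;;
  esac
}

# SHA-256 of a file, portable across GNU coreutils and BSD/macOS shasum.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_sha256 FILE EXPECTED_HEX -> 0 on match, 1 otherwise (case-insensitive).
# Call this on the downloaded archive before unpacking, whichever mirror served it.
verify_sha256() {
  actual=$(sha256_of "$1")
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ "$actual" = "$expected" ]
}

# Print the argv for the goecs binary, one argument per line.
# -menu=false mirrors the original run.sh; -upload=false is injected unless the
# caller passed an -upload flag themselves or opted in with ECS_UPLOAD=1.
build_ecs_args() {
  user_sets_upload=0
  for a in "$@"; do
    case "$a" in
      -upload|-upload=*|--upload|--upload=*) user_sets_upload=1 ;;
    esac
  done
  printf '%s\n' "-menu=false"
  if [ "$user_sets_upload" -eq 0 ] && [ "${ECS_UPLOAD:-0}" != "1" ]; then
    printf '%s\n' "-upload=false"
  fi
  for a in "$@"; do printf '%s\n' "$a"; done
}

# Interactive gate for ECS_UPLOAD=1: confirm before results leave the machine.
confirm_upload() {
  printf 'Results will be uploaded to a public paste service. Continue? [y/N] ' >&2
  read -r reply || reply=""
  case "$reply" in y|Y|yes|YES) return 0 ;; *) return 1 ;; esac
}

# Usage sketch for run.sh (bash): verify, then exec with the assembled argv.
#   verify_sha256 "$archive" "$ECS_SHA256" || { echo "checksum mismatch" >&2; exit 1; }
#   [ "${ECS_UPLOAD:-0}" != 1 ] || confirm_upload || exit 1
#   mapfile -t args < <(build_ecs_args "$@"); exec "$binary" "${args[@]}"
```

The checksum step matters most on the fallback mirrors: a pinned version alone says which archive you meant to fetch, while the digest proves the bytes that arrived are that archive.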
Resource · Declared · Inferred · Status · Evidence
Shell · WRITE · WRITE · ✓ Aligned · run.sh:295 - "$binary" -menu=false "$@"
Filesystem · READ · READ · ✓ Aligned · run.sh:298 - cat "$result_file"; analyze.sh reads goecs.txt
Network · READ · READ · ✓ Aligned · run.sh:144-211 downloads binary from GitHub/CDN; ipapi.co/ip-api.com for geo det… (note that the default -upload=true also sends results outbound; see the first finding)
Clipboard · NONE · WRITE · ✗ Undeclared · analyze.sh:327-336 --copy flag uses xclip/xsel/pbcopy
Skill Invoke · NONE · WRITE · ✗ Undeclared · analyze.sh:338-354 --call-ai invokes llm/aichat/ollama
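Added example for the capability table above (illustrative code, not the scanner and not the skill's own scripts): a small pre-publish lint in shell that infers capabilities from command names appearing in a skill's scripts and reports any missing from a declared list. The indicator mapping (xclip/xsel/pbcopy/wl-copy to clipboard:WRITE, llm/aichat/ollama to skill_invoke:WRITE, curl/wget to network:READ) and the whitespace-separated declared list are assumptions for this example; the real skill.json capability schema is not shown on this page. Comments are stripped before matching so a tool named only in a comment does not count.

```shell
#!/usr/bin/env bash
# Added example, not part of the skill. Assumed: the manifest's capabilities can
# be flattened to a whitespace-separated string such as "shell:WRITE network:READ".
set -eu

# infer_caps FILE... -> inferred capability set, one per line, sorted and unique.
# Each rule matches a whole command name (not a substring of a longer word).
infer_caps() {
  {
    for f in "$@"; do
      # Drop shell comments so documentation mentions do not count as usage.
      sed 's/#.*$//' "$f" |
      awk '
        /(^|[^A-Za-z0-9_])(xclip|xsel|pbcopy|wl-copy)([^A-Za-z0-9_]|$)/ { print "clipboard:WRITE" }
        /(^|[^A-Za-z0-9_])(llm|aichat|ollama)([^A-Za-z0-9_]|$)/        { print "skill_invoke:WRITE" }
        /(^|[^A-Za-z0-9_])(curl|wget)([^A-Za-z0-9_]|$)/                { print "network:READ" }
      '
    done
  } | sort -u
}

# undeclared_caps "DECLARED ..." FILE... -> inferred capabilities absent from DECLARED.
# Empty output means the manifest covers everything the scripts actually do.
undeclared_caps() {
  declared=$1; shift
  infer_caps "$@" | while IFS= read -r cap; do
    case " $declared " in
      *" $cap "*) ;;                 # declared: nothing to report
      *) printf '%s\n' "$cap" ;;     # used by the scripts but not declared
    esac
  done
}

# Usage sketch before publishing a skill:
#   missing=$(undeclared_caps "shell:WRITE filesystem:READ network:READ" run.sh analyze.sh)
#   [ -z "$missing" ] || { printf 'undeclared capabilities:\n%s\n' "$missing" >&2; exit 1; }
```

A non-empty result means either the manifest or the script has to change; for this skill the lint would surface exactly the Clipboard and Skill Invoke rows marked undeclared above.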
External URLs · 16 findings

Medium · External URL · https://img.shields.io/badge/license-GPL--3.0-green.svg · README.md:3
Medium · External URL · https://img.shields.io/badge/upstream-oneclickvirt%2Fecs-orange.svg · README.md:4
Medium · External URL · https://img.shields.io/badge/platform-clawhub.ai-blue.svg · README.md:5
Medium · External URL · https://clawhub.ai · README.md:5
Medium · External URL · https://clawhub.ai/upload · README.md:27
Medium · External URL · https://img.shields.io/badge/go-1.22+-blue.svg · README.md:154
Medium · External URL · https://golang.org · README.md:154
Medium · External URL · https://opensource.org/licenses/MIT-0 · SKILL.md:102
Medium · External URL · https://cdn0.spiritlhl.top/ · run.sh:31
Medium · External URL · http://cdn3.spiritlhl.net/ · run.sh:31
Medium · External URL · http://cdn1.spiritlhl.net/ · run.sh:31
Medium · External URL · http://cdn2.spiritlhl.net/ · run.sh:31
Medium · External URL · https://ipapi.co/json · run.sh:127
Medium · External URL · http://ip-api.com/json/?fields=countryCode · run.sh:131
Medium · External URL · https://cnb.cool/api/v1/repos/oneclickvirt/ecs/releases/latest · run.sh:148
Medium · External URL · https://cnb.cool/oneclickvirt/ecs/-/releases/download/v$ · run.sh:211

File Tree

6 files · 59.9 KB · 1557 lines
Shell: 3 files · 844 lines · Markdown: 2 files · 530 lines · JSON: 1 file · 183 lines
├─ 🔧 analyze.sh Shell 450L · 22.1 KB
├─ 🔧 pack.sh Shell 38L · 1.1 KB
├─ 📝 README.md Markdown 428L · 13.1 KB
├─ 🔧 run.sh Shell 356L · 15.4 KB
├─ 📋 skill.json JSON 183L · 4.8 KB
└─ 📝 SKILL.md Markdown 102L · 3.4 KB

Dependencies 5 items

Package · Version · Source · Known Vulns · Notes
goecs (binary) latest (dynamic) GitHub Releases No Binary fetched at runtime from github.com/oneclickvirt/ecs; version not pinned
curl any system No Preferred download tool, falls back to wget
wget any system No Fallback download tool
unzip any system No Used to extract goecs zip; falls back to python3
python3 any system No Fallback unzip; also used for analysis parsing

Security Positives

✓ Open-source project with publicly verifiable source at github.com/oneclickvirt/ecs (SKILL.md links the MIT-0 license; the README badge reports GPL-3.0, so confirm which applies before redistribution)
✓ Skill metadata is well-structured and comprehensive in skill.json
✓ No obfuscation or encoded payloads detected — all scripts are plain shell
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No credential harvesting or environment variable exfiltration
✓ No persistence mechanisms (no cron, no startup hooks, no backdoors)
✓ Binary downloaded over HTTPS from GitHub, with CDN fallback. Caveat: three of the four spiritlhl mirrors at run.sh:31 (cdn1/cdn2/cdn3.spiritlhl.net) are plain http://, so a fallback download has no transport integrity; pinning a version and verifying the archive's checksum would cover that path
✓ Multiple fallback download sources to avoid single point of failure
✓ Cache directory is confined to ~/.cache/clawchimera/ with per-version isolation
✓ No base64-decoded command strings or eval patterns
✓ Uses standard CLI tools (curl/wget, unzip/python) rather than custom binaries