扫描报告
20 /100
outgrow
Outgrow integration for managing data, records, and workflow automation via the Membrane CLI
A legitimate Outgrow integration skill using the Membrane CLI; no malicious behavior found, but documentation does not declare the required shell/Bash permissions.
可以安装
Add a declared permissions section to SKILL.md listing Bash→shell:WRITE and clarify that CLI tools are invoked through shell. Pin the npm package version with @membranehq/[email protected] instead of @latest.
安全发现 2 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | Shell execution not declared in allowed-tools 文档欺骗 | SKILL.md:35 |
| 低危 | Unpinned npm package version 供应链 | SKILL.md:35 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No filesystem access detected |
| 网络访问 | READ | READ | ✓ 一致 | External URLs to getmembrane.com and developers.outgrow.co are declared in docs |
| 命令执行 | NONE | WRITE | ✗ 越权 | SKILL.md instructs: npm install -g @membranehq/cli, membrane login --tenant, mem… |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://developers.outgrow.co/ SKILL.md:19 目录结构
1 文件 · 4.3 KB · 126 行 Markdown 1f · 126L
└─
SKILL.md
Markdown
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
@membranehq/cli | latest (unpinned) | npm | 否 | No version pinned — supply chain drift possible |
安全亮点
✓ No credential harvesting or environment variable exfiltration observed
✓ No base64, eval, or obfuscated code patterns present
✓ No hidden HTML comments or shadow instructions
✓ No direct IP network requests — all network calls route through the Membrane CLI proxy
✓ No access to sensitive paths such as ~/.ssh, ~/.aws, or .env
✓ No reverse shell, C2, or persistence mechanisms
✓ Skill describes a legitimate, documented integration pattern
✓ Membrane's proxy request is scoped to authenticated connections, limiting abuse surface