115-skills Security Report — Low Risk | ClawSafe

22 /100

115-skills

115 网盘智能管理：扫码登录、文件浏览、搜索、转存、离线下载、智能整理

This is a legitimate 115 cloud disk management skill with primarily benign code, but contains minor security concerns: an undeclared Puppeteer browser-automation module, disabled SSL verification in HTTP client, and hard-coded test IPs in User-Agent strings.

Skill Name115-skills

Duration62.1s

Enginepi

✓

Safe to install

Review the unused auth-puppeteer.js module before production use, remove or document the rejectUnauthorized:false setting in lib/auth-web.js, and replace hard-coded IPs in User-Agent strings with actual version identifiers. Overall the code performs its stated 115 cloud management functions without evidence of credential theft or data exfiltration.

Findings 5 items

Severity	Finding	Location
Medium	Undeclared Puppeteer headless browser module Doc Mismatch lib/auth-puppeteer.js contains a complete Puppeteer-based authentication module that launches a headless Chrome browser, navigates to 115.com, extracts QR codes from the DOM, and captures cookies. This module is not instantiated in index.js and is not declared in SKILL.md. While it is currently dead code, its presence is a significant undeclared capability that could be activated to perform browser automation and DOM scraping. `this.browser = await puppeteer.launch({ headless: 'new', args: ['--no-sandbox', '--disable-setuid-sandbox'] })` → Either remove the auth-puppeteer.js file if unused, or explicitly declare its browser automation capability in SKILL.md with proper documentation of what data it accesses from web pages.	`lib/auth-puppeteer.js:15`
Low	Unpinned dependency versions in package.json Supply Chain Several packages in package.json use caret (^) version ranges including axios@^1.6.0, puppeteer@^24.39.1, qrcode@^1.5.3, and qs@^6.15.0. While these are all legitimate and widely-used packages, unpinned versions allow supply chain attacks to slip in through minor version updates. `"axios": "^1.6.0", "puppeteer": "^24.39.1", "qrcode": "^1.5.3", "qs": "^6.15.0"` → Pin all dependency versions to exact versions (remove ^ prefix) and consider verifying checksums. Use package-lock.json or yarn.lock and commit it to ensure reproducible builds.	`package.json:29`
Low	Disabled TLS certificate verification Sensitive Access lib/auth-web.js sets rejectUnauthorized: false in the HTTPS agent configuration. This disables SSL/TLS certificate verification for all outbound HTTPS requests to 115.com, making the HTTP client vulnerable to man-in-the-middle attacks. `httpsAgent: new https.Agent({ rejectUnauthorized: false })` → Remove the rejectUnauthorized: false setting. The default Node.js behavior of verifying TLS certificates provides critical security. If SSL verification fails in production, investigate the root cause rather than disabling it.	`lib/auth-web.js:21`
Info	Hard-coded test IP addresses in User-Agent strings Doc Mismatch Two placeholder IP addresses appear in User-Agent headers: '120.0.0.0' in lib/auth-puppeteer.js line 39, and '23.9.3.2' in lib/auth.js line 20 (User-Agent: 'Mozilla/5.0 115Browser/23.9.3.2'). These appear to be test/fake IP addresses used as version identifiers. They are not used as network connection targets, so they are not active C2 indicators. However, the '23.9.3.2' string is suspicious as it could be mistaken for a command-and-control IP. `'User-Agent': 'Mozilla/5.0 115Browser/23.9.3.2'` → Replace hard-coded test IPs with legitimate application version strings. The '23.9.3.2' should be replaced with the actual 115Browser version or a generic user agent.	`lib/auth.js:20`
Info	Undeclared filesystem write access Priv Escalation The SKILL.md declares only 'Read, Grep, Glob, Bash' as allowed-tools, but the cookie-store.js module performs filesystem WRITE operations to create and write to ~/.openclaw/115-cookie.json. While this is necessary for cookie persistence, it is not declared in the skill documentation. `fs.writeFileSync(this.storagePath, encrypted, { mode: 0o600 })` → Update SKILL.md to document that the skill writes encrypted cookie data to ~/.openclaw/115-cookie.json as part of its login persistence feature.	`lib/storage/cookie-store.js:17`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	index.js uses fs via cookie-store.js for storing encrypted cookies at ~/.opencla…
Network	`NONE`	`READ`	✗ Violation	All lib/* modules make outbound HTTP requests to 115.com APIs via axios; not dec…
Shell	`WRITE`	`NONE`	✓ Aligned	Bash is declared in allowed-tools but no shell commands are executed in the code…
Environment	`NONE`	`READ`	✓ Aligned	lib/storage/cookie-store.js reads process.env.HOME to determine storage path
Browser	`NONE`	`READ`	✗ Violation	lib/auth-puppeteer.js uses Puppeteer to launch headless Chrome, screenshot pages…
Database	`NONE`	`NONE`	—	No database access detected

2 High 14 findings

📡

High IP Address 硬编码 IP 地址

120.0.0.0

lib/auth-puppeteer.js:39

📡

High IP Address 硬编码 IP 地址

23.9.3.2

lib/auth.js:20

🔗

Medium External URL 外部 URL

https://115.com/s/SHARE_CODE

SKILL.md:148

🔗

Medium External URL 外部 URL

https://115.com/s/xxx

index.js:207

🔗

Medium External URL 外部 URL

https://115.com/

lib/auth-puppeteer.js:42

🔗

Medium External URL 外部 URL

https://passport.115.com/qrcode/generate

lib/auth-web.js:90

🔗

Medium External URL 外部 URL

https://passportapi.115.com

lib/auth.js:13

🔗

Medium External URL 外部 URL

https://webapi.115.com

lib/auth.js:14

🔗

Medium External URL 外部 URL

https://my.115.com/?ct=ajax&ac=nav

lib/auth.js:250

🔗

Medium External URL 外部 URL

https://uplb.115.com

lib/files/transfer.js:17

🔗

Medium External URL 外部 URL

https://lixian.115.com

lib/lixian/download.js:15

🔗

Medium External URL 外部 URL

https://115.com/s/abc123

lib/share/transfer.js:23

🔗

Medium External URL 外部 URL

https://115.com/s/abc123?password=xyzw

lib/share/transfer.js:25

🔗

Medium External URL 外部 URL

https://115.com/s/$

lib/share/transfer.js:237

File Tree

28 files · 226.6 KB · 9007 lines

JavaScript 26f · 8729L Markdown 1f · 222L JSON 1f · 56L

├─ ▾ 📁 lib

│ ├─ ▾ 📁 client

│ │ └─ 📜 http-client.js JavaScript 315L · 8.0 KB

│ ├─ ▾ 📁 context

│ │ ├─ 📜 history-manager.js JavaScript 517L · 12.1 KB

│ │ └─ 📜 session-context.js JavaScript 298L · 6.4 KB

│ ├─ ▾ 📁 error

│ │ └─ 📜 error-handler.js JavaScript 430L · 11.1 KB

│ ├─ ▾ 📁 files

│ │ ├─ 📜 batch-operations.js JavaScript 467L · 11.8 KB

│ │ ├─ 📜 browser.js JavaScript 275L · 6.2 KB

│ │ ├─ 📜 operations.js JavaScript 289L · 7.0 KB

│ │ └─ 📜 transfer.js JavaScript 257L · 6.5 KB

│ ├─ ▾ 📁 lixian

│ │ ├─ 📜 download.js JavaScript 274L · 6.5 KB

│ │ └─ 📜 lixian-manager.js JavaScript 523L · 13.2 KB

│ ├─ ▾ 📁 organizer

│ │ ├─ 📜 classifier.js JavaScript 153L · 4.3 KB

│ │ ├─ 📜 clean-advisor.js JavaScript 486L · 13.7 KB

│ │ └─ 📜 smart-organizer.js JavaScript 289L · 8.0 KB

│ ├─ ▾ 📁 parser

│ │ └─ 📜 command-parser.js JavaScript 326L · 8.6 KB

│ ├─ ▾ 📁 recommender

│ │ └─ 📜 action-recommender.js JavaScript 459L · 11.0 KB

│ ├─ ▾ 📁 share

│ │ ├─ 📜 share-manager.js JavaScript 363L · 9.1 KB

│ │ └─ 📜 transfer.js JavaScript 317L · 8.2 KB

│ ├─ ▾ 📁 storage

│ │ └─ 📜 cookie-store.js JavaScript 218L · 5.3 KB

│ ├─ ▾ 📁 ui

│ │ ├─ 📜 progress-display.js JavaScript 358L · 9.1 KB

│ │ └─ 📜 response-builder.js JavaScript 560L · 14.2 KB

│ ├─ ▾ 📁 utils

│ │ └─ 📜 helpers.js JavaScript 32L · 574 B

│ ├─ 📜 auth-puppeteer.js JavaScript 304L · 7.9 KB

│ ├─ 📜 auth-web.js JavaScript 262L · 6.0 KB

│ ├─ 📜 auth.js JavaScript 315L · 7.8 KB

│ └─ 📜 session.js JavaScript 297L · 6.6 KB

├─ 📜 index.js JavaScript 345L · 9.8 KB

├─ 📋 package.json JSON 56L · 1.5 KB

└─ 📝 SKILL.md Markdown 222L · 6.3 KB

Dependencies 5 items

Package	Version	Source	Known Vulns	Notes
`axios`	`^1.6.0`	npm	No	Version not pinned; CVE-2023-45857 applies to versions <1.5.0 but ^1.6.0 should be safe
`puppeteer`	`^24.39.1`	npm	No	Heavy dependency; version not pinned; present as dead code
`qrcode`	`^1.5.3`	npm	No	Version not pinned; used for QR code generation
`qs`	`^6.15.0`	npm	No	Version not pinned; used for query string serialization
`form-data`	`^4.0.0`	npm	No	Version not pinned; used for multipart form data

Security Positives

✓ Credential storage uses AES-256-GCM encryption with PBKDF2 key derivation (100,000 iterations, sha256) — strong cryptographic practices

✓ Machine-specific encryption key derived from hostname+platform+arch — credentials are not portable across machines

✓ Cookie file is stored with 0o600 permissions (owner-only read/write) — appropriate file permissions

✓ No evidence of credential exfiltration — credentials stay local and encrypted

✓ No base64-encoded payloads or eval() usage found — clean code execution model

✓ No curl|bash or wget|sh patterns — no remote script execution

✓ No access to ~/.ssh, ~/.aws, .env, or other sensitive credential paths

✓ No hidden instructions in HTML comments or strings

✓ All network requests target legitimate 115.com infrastructure (webapi.115.com, passport.115.com, etc.) — no suspicious external IPs contacted

✓ Disable-model-invocation flag properly set for high-risk operations — appropriate operational safety controls

Scan Report

Findings 5 items

File Tree

Dependencies 5 items

Security Positives