扫描报告
5 /100
plan
Think-first execution with approval gating. Use when work is complex, ambiguous, irreversible, multi-step, worth comparing before choosing, interrupted and needs recovery, or long-running enough to need a living plan.
Pure documentation skill providing a read-only approval-gated planning framework with no executable code or sensitive operations.
可以安装
This skill is safe to use. It contains only documentation describing a planning methodology with no implementation code.
安全发现 1 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 提示 | Toolbox audit concept implies capability not present 文档欺骗 | SKILL.md:241 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | Documentation describes read-only exploration before approval |
| 网络访问 | NONE | NONE | — | No network operations in code (no code exists) |
| 命令执行 | NONE | NONE | — | No shell execution described or implemented |
| 环境变量 | NONE | NONE | — | No environment variable access described |
| 技能调用 | NONE | NONE | — | Toolbox audit mentions checking skills but no invocation code exists |
| 剪贴板 | NONE | NONE | — | No clipboard access described |
| 浏览器 | NONE | NONE | — | No browser access described |
| 数据库 | NONE | NONE | — | No database access described |
目录结构
2 文件 · 12.7 KB · 372 行 Markdown 2f · 372L
├─
▾
references
│ └─
patterns.md
Markdown
└─
SKILL.md
Markdown
安全亮点
✓ No executable code - pure documentation/methodology
✓ Explicit read-only stance until user approval
✓ Approval contract clearly defines when actions are permitted
✓ Surprise policy requires stopping and reporting unexpected changes
✓ No credential, file write, or network access operations
✓ No dependencies to audit for vulnerabilities
✓ Documentation is clear and matches the stated purpose