扫描报告
15 /100
swarmrecall-dream
Agent dreaming — memory consolidation, deduplication, pruning, contradiction resolution, and session summarization via the SwarmRecall API.
This is a documentation-only skill describing an external API for AI memory consolidation. All external communications are declared, no code execution or credential exfiltration occurs.
可以安装
Approve for use. The skill is transparent about external API calls and data handling. Users should verify the trustworthiness of swarmrecall-api.onrender.com before use.
安全发现 2 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | Third-party API dependency for memory processing 文档欺骗 | SKILL.md:46 |
| 低危 | Auto-registration sends agent metadata externally 数据外泄 | SKILL.md:29 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file operations documented |
| 网络访问 | READ | READ | ✓ 一致 | API calls to external service are fully declared in SKILL.md |
| 命令执行 | NONE | NONE | — | No shell execution documented |
| 环境变量 | READ | READ | ✓ 一致 | Reads SWARMRECALL_API_KEY from environment |
| 技能调用 | NONE | NONE | — | No skill chaining documented |
| 剪贴板 | NONE | NONE | — | No clipboard access documented |
| 浏览器 | NONE | NONE | — | No browser automation documented |
| 数据库 | NONE | NONE | — | No database access documented |
3 项发现
中危 外部 URL 外部 URL
https://www.swarmrecall.ai SKILL.md:14 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com/api/v1/register SKILL.md:29 中危 外部 URL 外部 URL
https://swarmrecall-api.onrender.com SKILL.md:46 目录结构
1 文件 · 10.5 KB · 319 行 Markdown 1f · 319L
└─
SKILL.md
Markdown
安全亮点
✓ No shell execution or code execution vectors
✓ No credential harvesting or exfiltration beyond declared API key usage
✓ All external API calls are fully documented and transparent
✓ No obfuscation or base64-encoded payloads
✓ No filesystem or sensitive path access
✓ HTTPS is enforced for all data transmission
✓ API key is retained in environment only (not written to disk)