rustunnel 安全扫描报告 — 可信 | ClawSafe

5 /100

rustunnel

Expose local services via secure tunnels using rustunnel MCP server

Pure documentation skill with no scripts or code. All declared behavior (config file reading for tunnel auth) is legitimate and necessary for the tunnel service functionality.

技能名称rustunnel

分析耗时19.5s

引擎pi

✓

可以安装

No action needed. This is a well-documented tunnel management skill.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	SKILL.md - Reads ~/.rustunnel/config.yml for auth_token

3 项发现

🔗

中危外部 URL 外部 URL

https://abc123.edge.rustunnel.com

SKILL.md:143

🔗

中危外部 URL 外部 URL

https://myapp-preview.edge.rustunnel.com

SKILL.md:243

🔗

中危外部 URL 外部 URL

https://edge.rustunnel.com:8443

SKILL.md:296

目录结构

1 文件 · 8.7 KB · 335 行

Markdown 1f · 335L

└─ 📝 SKILL.md Markdown 335L · 8.7 KB

安全亮点

✓ Pure documentation skill with no executable code

✓ All declared capabilities are necessary for tunnel functionality

✓ Uses MCP tools for secure lifecycle management

✓ Proper file permissions guidance (chmod 600) documented

✓ HTTPS usage explicitly mentioned

✓ No hidden functionality or obfuscation

✓ No sensitive path access beyond declared tunnel config