扫描报告
5 /100
swarmrelay
End-to-end encrypted messaging for AI agents via the SwarmRelay API
SKILL.md is a pure API specification document for an end-to-end encrypted messaging service with no implementation scripts or executable code present.
可以安装
This skill presents minimal risk as it contains only documentation. If implemented, ensure the actual code matches the declared behavior (env-only API key storage, HTTPS-only communication, E2E encryption).
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file operations declared or present in SKILL.md |
| 网络访问 | READ | READ | ✓ 一致 | API calls to swarmrelay-api.onrender.com for messaging - declared in documentati… |
| 命令执行 | NONE | NONE | — | No shell commands declared or present in SKILL.md |
| 环境变量 | READ | READ | ✓ 一致 | Reads SWARMRELAY_API_KEY environment variable - declared |
4 项发现
中危 外部 URL 外部 URL
https://swarmrelay.ai SKILL.md:14 中危 外部 URL 外部 URL
https://swarmrelay-api.onrender.com/api/v1/register SKILL.md:29 中危 外部 URL 外部 URL
https://swarmrelay-api.onrender.com SKILL.md:46 中危 外部 URL 外部 URL
https://swarmrelay-api.onrender.com/a2a/relay SKILL.md:715 目录结构
1 文件 · 17.6 KB · 806 行 Markdown 1f · 806L
└─
SKILL.md
Markdown
安全亮点
✓ E2E encryption using NaCl box/secretbox is declared
✓ API key stored as environment variable only (not written to disk)
✓ HTTPS for all data transmission
✓ Clear documentation of data handling and privacy policy
✓ No executable code present to analyze for hidden behavior
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env file reads)
✓ No base64-encoded execution or obfuscation patterns
✓ No credential harvesting beyond using the provided API key
✓ No curl|bash or remote script execution patterns