mofang-records 安全扫描报告 — 低风险 | ClawSafe

15 /100

mofang-records

魔方网表记录管理 - MagicSquare no-code platform record management for CRUD operations

A legitimate MagicSquare (魔方网表) REST API wrapper skill with minor documentation inconsistencies but no malicious behavior detected.

技能名称mofang-records

分析耗时79.7s

引擎pi

✓

可以安装

Fix the missing cli.mjs file and update SKILL.md to reflect that handlers use fetch-based HTTP calls rather than exec-based CLI invocations. Otherwise safe to use.

安全发现 5 项

严重性	安全发现	位置
低危	Missing cli.mjs entrypoint 文档欺骗 SKILL.md and skill.json reference ./cli.mjs as the binary entrypoint, and package.json declares it as bin. However, the cli.mjs file does not exist in the repository. The handlers directory exists with TypeScript source and compiled dist output, but no CLI wrapper is provided. `"bin": { "mofang-records": "./cli.mjs" }` → Create cli.mjs to serve as the CLI wrapper, or update SKILL.md/skill.json to reflect the actual invocation method (direct handler invocation).	`package.json:7`
低危	SKILL.md declares exec-based CLI but handlers use fetch 文档欺骗 SKILL.md states '必须通过 exec 执行本 Skill 提供的 CLI 命令完成操作' (must use exec to run CLI commands). However, the handlers use Node.js fetch API to make direct HTTP requests to the configured BASE_URL. This is a documentation mismatch - the actual implementation makes HTTP calls directly, not through a CLI subprocess. `必须通过 exec 执行本 Skill 提供的 CLI 命令完成操作` → Update SKILL.md to clarify whether this is a handler skill (direct function calls) or a CLI skill. If handler-based, remove the exec/CLI instructions.	`SKILL.md:1`
低危	Undeclared filesystem WRITE access 权限提升 The cache module in handlers/utils/cache.ts writes to ~/.mofang-skills/ directory (line 33: mkdir + writeFile) but SKILL.md does not declare any filesystem permissions. The skill declares requiredTools: ['exec'] but no filesystem access. `await mkdir(dir, { recursive: true }); await writeFile(path, JSON.stringify(data, null, 0), 'utf-8');` → Add filesystem:WRITE to the skill's declared capabilities in SKILL.md if this is a concern for the deployment environment.	`handlers/utils/cache.ts:33`
低危	Unpinned dependency node-fetch 供应链 package.json declares node-fetch as '^3.3.2' (caret range), allowing minor/patch updates. The node-fetch v3 has known breaking API changes from v2. `"node-fetch": "^3.3.2"` → Pin to exact version: [email protected] to prevent unexpected updates.	`package.json:16`
提示	Environment variable access for home directory 敏感访问 The cache module reads HOME or USERPROFILE environment variables to determine the cache directory path. This is standard practice but accesses environment variables. `const home = process.env.HOME \|\| process.env.USERPROFILE \|\| '';` → No action needed - this is legitimate usage for cross-platform home directory detection.	`handlers/utils/cache.ts:29`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`WRITE`	✗ 越权	handlers/utils/cache.ts:33 writes to ~/.mofang-skills/
网络访问	`NONE`	`READ`	✗ 越权	handlers/utils/http-client.ts:107 uses fetch to BASE_URL
命令执行	`WRITE`	`NONE`	✗ 越权	SKILL.md declares exec required but cli.mjs does not exist
技能调用	`NONE`	`NONE`	—	No skill-to-skill invocation detected
环境变量	`NONE`	`READ`	✓ 一致	handlers/utils/cache.ts:29 reads HOME/UserProfile
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser access
数据库	`NONE`	`NONE`	—	No direct database access

12 项发现

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/@types/node/-/node-20.19.37.tgz

package-lock.json:20

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz

package-lock.json:30

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/fetch-blob/-/fetch-blob-3.2.0.tgz

package-lock.json:39

🔗

中危外部 URL 外部 URL

https://paypal.me/jimmywarting

package-lock.json:48

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz

package-lock.json:62

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/node-domexception/-/node-domexception-1.0.0.tgz

package-lock.json:74

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/node-fetch/-/node-fetch-3.3.2.tgz

package-lock.json:94

🔗

中危外部 URL 外部 URL

https://opencollective.com/node-fetch

package-lock.json:107

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/typescript/-/typescript-5.9.3.tgz

package-lock.json:112

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/undici-types/-/undici-types-6.21.0.tgz

package-lock.json:126

🔗

中危外部 URL 外部 URL

https://registry.npmmirror.com/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz

package-lock.json:133

🔗

中危外部 URL 外部 URL

https://example.mf999.com

skill.json:11

目录结构

39 文件 · 116.3 KB · 3602 行

TypeScript 22f · 1869L JavaScript 11f · 1100L JSON 5f · 434L Markdown 1f · 199L

├─ ▾ 📁 dist

│ ├─ ▾ 📁 utils

│ │ ├─ 📜 base64.d.ts TypeScript 10L · 422 B

│ │ ├─ 📜 base64.js JavaScript 28L · 850 B

│ │ ├─ 📜 bq-builder.d.ts TypeScript 39L · 1.0 KB

│ │ ├─ 📜 bq-builder.js JavaScript 98L · 2.9 KB

│ │ ├─ 📜 cache.d.ts TypeScript 45L · 1.7 KB

│ │ ├─ 📜 cache.js JavaScript 105L · 3.2 KB

│ │ ├─ 📜 field-defs.d.ts TypeScript 64L · 1.8 KB

│ │ ├─ 📜 field-defs.js JavaScript 211L · 6.8 KB

│ │ ├─ 📜 http-client.d.ts TypeScript 26L · 909 B

│ │ ├─ 📜 http-client.js JavaScript 107L · 3.6 KB

│ │ ├─ 📜 resolve.d.ts TypeScript 23L · 861 B

│ │ └─ 📜 resolve.js JavaScript 174L · 8.0 KB

│ ├─ 📜 fields.d.ts TypeScript 21L · 707 B

│ ├─ 📜 fields.js JavaScript 37L · 1.5 KB

│ ├─ 📜 forms.d.ts TypeScript 22L · 599 B

│ ├─ 📜 forms.js JavaScript 65L · 2.3 KB

│ ├─ 📜 health.d.ts TypeScript 11L · 318 B

│ ├─ 📜 health.js JavaScript 51L · 1.6 KB

│ ├─ 📜 records.d.ts TypeScript 68L · 2.0 KB

│ ├─ 📜 records.js JavaScript 187L · 7.7 KB

│ ├─ 📜 spaces.d.ts TypeScript 15L · 387 B

│ └─ 📜 spaces.js JavaScript 37L · 1.2 KB

├─ ▾ 📁 handlers

│ ├─ ▾ 📁 utils

│ │ ├─ 📜 base64.ts TypeScript 31L · 833 B

│ │ ├─ 📜 bq-builder.ts TypeScript 140L · 3.2 KB

│ │ ├─ 📜 cache.ts TypeScript 141L · 3.9 KB

│ │ ├─ 📜 field-defs.ts TypeScript 249L · 7.2 KB

│ │ ├─ 📜 http-client.ts TypeScript 151L · 4.0 KB

│ │ └─ 📜 resolve.ts TypeScript 215L · 8.0 KB

│ ├─ 📜 fields.ts TypeScript 65L · 2.0 KB

│ ├─ 📜 forms.ts TypeScript 96L · 2.6 KB

│ ├─ 📜 health.ts TypeScript 62L · 1.7 KB

│ ├─ 📜 records.ts TypeScript 316L · 8.9 KB

│ └─ 📜 spaces.ts TypeScript 59L · 1.4 KB

├─ 📋 package-lock.json JSON 141L · 4.6 KB

├─ 📋 package.json JSON 23L · 546 B

├─ 📋 skill.json JSON 29L · 852 B

├─ 📝 SKILL.md Markdown 199L · 7.3 KB

├─ 📋 tools.json JSON 221L · 8.7 KB

└─ 📋 tsconfig.json JSON 20L · 488 B

依赖分析 3 项

包名	版本	来源	已知漏洞	备注
`node-fetch`	`^3.3.2`	npm	否	Version not pinned, minor/patch updates allowed
`@types/node`	`^20.11.0`	npm	否	Dev dependency, only needed for type checking
`typescript`	`^5.3.0`	npm	否	Dev dependency, build-time only

安全亮点

✓ No eval(), exec(), spawn(), or other code execution primitives found

✓ No base64-encoded strings being decoded and executed

✓ No credential exfiltration - passwords are only used for JWT token acquisition

✓ No access to ~/.ssh, ~/.aws, .env, or other sensitive credential paths

✓ No reverse shell, C2 communication, or data exfiltration patterns

✓ No obfuscation techniques detected (no obfuscated code, no suspicious string manipulation)

✓ No supply chain IOCs (typosquatting, malicious packages) - only standard npm dependencies

✓ Token caching is in-memory only, not written to disk (tokens stay in cachedToken variable)

✓ Cache files are scoped to BASE_URL hash, not global, reducing collision risk

✓ Comprehensive input validation on API parameters