Skill Trust Decision

x-daily-report

Name: x-daily-report Trust Review Report
Item: x-daily-report
Rating: 52
Author: ClawSafe

硬编码X API凭证且凭证收割行为超出声明范围，但功能本身看似合法

Install decision first Source: ClawHub Scanned: Apr 6, 2026

Files 5

Artifacts 2

Violations 1

Findings 5

Most direct threat evidence

用户安装并运行skill，声称用于X账号监控 Entry · SKILL.md

通过useCookiesFromBrowser窃取Chrome中X平台认证Cookie Escalation · scripts/x-scraper-free.js

使用窃取的Cookie或硬编码API密钥访问用户X账号数据 Impact · scripts/x-monitor.js

Why this conclusion was reached

3/4 dimensions flagged

Block

Declared vs actual capability

1 undeclared or violating capabilities were inferred.

Block

Hidden execution and egress

1 high-risk artifacts or egress signals were extracted.

Block

Attack chain and severe findings

The report includes 3 attack-chain steps and 2 severe findings.

Review

Dependencies and supply chain hygiene

1 dependency or supply-chain issues need attention.

Attack Chain

用户安装并运行skill，声称用于X账号监控

Entry · SKILL.md:1

通过useCookiesFromBrowser窃取Chrome中X平台认证Cookie

Escalation · scripts/x-scraper-free.js:43

使用窃取的Cookie或硬编码API密钥访问用户X账号数据

Impact · scripts/x-monitor.js:11

What drove the risk score up

硬编码API密钥 +25

X_API_KEY='THp2c1V4bW5JQVJ1S09IY1BzN1NubDoxaXJpUQ'直接写在源码scripts/x-monitor.js:11

浏览器Cookie窃取 +15

x-scraper-free.js调用useCookiesFromBrowser('chrome')从Chrome提取已登录会话

飞书Token访问 +8

访问FEISHU_ACCESS_TOKEN环境变量收集第三方凭证

Most important evidence

High Credential Theft

硬编码X API密钥

在源代码中直接暴露X平台API密钥'THp2c1V4bW5JQVJ1S09IY1BzN1NubDoxaXJpUQ'，攻击者可通过源码获取并滥用

scripts/x-monitor.js:11

移除硬编码密钥，改用环境变量或配置文件

High Credential Theft

从Chrome浏览器窃取认证Cookie

使用twitter-scraper库的useCookiesFromBrowser('chrome')方法从用户Chrome浏览器提取X平台的认证会话Cookie，可能窃取已登录凭证

scripts/x-scraper-free.js:43

使用官方API而非浏览器会话劫持

Medium Credential Theft

飞书AccessToken环境变量访问

代码访问FEISHU_ACCESS_TOKEN环境变量，该凭证用于获取飞书多维表格中的账号列表，存在凭证收割意图

scripts/x-monitor.js:23

确认此访问是否为功能必要

Medium Supply Chain

第三方依赖无版本锁定

axios依赖使用^1.6.0允许自动升级，存在供应链攻击风险

package.json:14

锁定具体版本如[email protected]

Low Doc Mismatch

API密钥获取方式未声明

SKILL.md提到'填入X_API_KEY'但未说明密钥来源，代码注释'已自动获取'暗示可能的收割行为

SKILL.md:58

明确说明API密钥来源和配置方式

Declared capability vs actual capability

Network Pass

Declared READ

→

Inferred READ

axios调用飞书/X API

Environment Block

Declared NONE

→

Inferred READ

scripts/x-monitor.js:23 读取FEISHU_ACCESS_TOKEN

Filesystem Pass

Declared WRITE

→

Inferred WRITE

writeFile写入日报文件

Suspicious artifacts and egress

High API Key

API_KEY = 'THp2c1V4bW5JQVJ1S09IY1BzN1NubDoxaXJpUQ'

scripts/x-monitor.js:11

Medium External URL

https://open.feishu.cn/open-apis

scripts/x-monitor.js:8

Dependencies and supply chain

Package	Version	Source	Known vuln	Notes
@the-convocation/twitter-scraper	`^0.22.1`	npm	No	包含浏览器Cookie访问能力
axios	`^1.6.0`	npm	No	无版本锁定，存在供应链风险

File composition

5 files · 609 lines

JavaScript 2 files · 445 linesMarkdown 2 files · 147 linesJSON 1 files · 17 lines

Files of concern · 4

scripts/x-monitor.js JavaScript · 235 lines

硬编码X API密钥 · 飞书AccessToken环境变量访问 · API_KEY = 'THp2c1V4bW5JQVJ1S09IY1BzN1NubDoxaXJpUQ' · https://open.feishu.cn/open-apis

scripts/x-scraper-free.js JavaScript · 210 lines

从Chrome浏览器窃取认证Cookie

SKILL.md Markdown · 93 lines

API密钥获取方式未声明

package.json JSON · 17 lines

第三方依赖无版本锁定

Other files · account-list.md

Security positives

功能实现完整，代码结构清晰

使用开源twitter-scraper而非自建恶意爬虫

日报生成逻辑合理，符合描述功能