扫描报告
5 /100
securitytrails
SecurityTrails integration for threat intelligence data via Membrane CLI
Pure documentation skill with no executable code - uses legitimate Membrane CLI for SecurityTrails API integration.
可以安装
This skill is safe to use. No security concerns identified.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | READ | ✓ 一致 | Documentation only, no file operations |
| 网络访问 | READ | READ | ✓ 一致 | Intended for SecurityTrails API access via Membrane proxy |
| 命令执行 | WRITE | WRITE | ✓ 一致 | CLI commands (npm install, membrane login/run) are documented and necessary |
| 环境变量 | NONE | NONE | — | No environment variable access |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://docs.securitytrails.com/ SKILL.md:19 目录结构
1 文件 · 4.5 KB · 128 行 Markdown 1f · 128L
└─
SKILL.md
Markdown
安全亮点
✓ No executable code - pure documentation
✓ All functionality is clearly declared in SKILL.md
✓ Uses established Membrane platform for credential management (no local API key storage)
✓ No suspicious patterns: no base64, no IP addresses, no obfuscation
✓ No sensitive file access, no credential harvesting
✓ Legitimate external URLs point to official documentation