Scan Report
5 /100
x-cb
Interact with Codeberg using the `x cb` CLI for managing repositories, issues, PRs, organizations, teams, and users on Codeberg.
Pure documentation-only skill that describes `x cb` CLI commands for Codeberg interactions with no executable code, scripts, or hidden functionality.
Safe to install
No action needed. This skill is a simple CLI usage guide with no security concerns.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations in SKILL.md |
| Network | NONE | NONE | — | No network code; only documents CLI usage |
| Shell | NONE | READ | ✓ Aligned | SKILL.md documents `x cb` CLI commands (Bash→shell:WRITE) but these are declared… |
| Environment | NONE | NONE | — | No environment access |
| Skill Invoke | NONE | NONE | — | No inter-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
1 findings
Medium External URL 外部 URL
https://codeberg.org/user/settings/applications SKILL.md:8 File Tree
1 files · 1.8 KB · 90 lines Markdown 1f · 90L
└─
SKILL.md
Markdown
Security Positives
✓ No executable code or scripts present — purely a documentation file
✓ All CLI operations are fully documented with examples in SKILL.md
✓ No credential harvesting, token exfiltration, or sensitive path access
✓ No obfuscation, base64-encoded payloads, or anti-analysis techniques
✓ No supply chain dependencies or dependency files
✓ No persistence mechanisms (cron, startup hooks, backdoors)
✓ No prompt injection or hidden instructions detected
✓ Skill purpose (Codeberg CLI interaction) is clearly stated and matches all documented behavior