Suspicious: risk score 40/100
Last scan: 2 days ago
clawhub-security-scan
Pre-publish security scan for ClawHub skills - Scans code for patterns that might trigger automatic suspicious flagging and gives fixing suggestions.
A ClawHub security-scanning tool with a hardcoded example credential in review.py that contradicts its own security advice, and undeclared external API calls to skillpay.me for billing.
Skill name: clawhub-security-scan
Analysis time: 49.9s
Engine: pi
Use with caution
Remove the hardcoded string 'secretkeyhere123' from review.py:24 and replace with a clearly-labeled placeholder comment. Document the skillpay.me billing API calls in SKILL.md's external APIs section. Consider whether billing integration belongs in a security-scanning tool.

Security findings: 3

Severity | Finding | Location

[HIGH] Hardcoded high-entropy string contradicts security advice
Location: scripts/review.py:24
review.py line 24 contains api_key = "secretkeyhere123" — a hardcoded credential with Shannon entropy >3.5 that matches the skill's own high-entropy secret detection pattern. The same file's print_best_practices() explicitly warns against this pattern.
    api_key = "secretkeyhere123"
→ Remove this line or replace it with a clearly commented placeholder: # DEMO ONLY: api_key = "your-key-here" # Never hard-code secrets

[MEDIUM] Undeclared external API calls to skillpay.me
Location: scripts/scan.py:64
Both scan.py and precheck.py POST JSON to https://skillpay.me/api/v1 for billing. This network WRITE behavior is only mentioned under 'Pricing' in SKILL.md, not in the declared capabilities or the usage table.
    urllib.request.Request(f"{API}{path}", data=json.dumps(body).encode(), headers={"X-API-Key": key}, method="POST")
→ Add skillpay.me to the 'What it scans' section under Medium Risk, or create an 'External APIs' subsection in SKILL.md

[MEDIUM] Billing charge on every invocation requires --user-id
Location: scripts/scan.py:156
Both scan.py and precheck.py require --user-id and will attempt to charge 0.001 USDT via SkillPay on every run. This cost model is not prominent in the command documentation.
    parser.add_argument('--user-id', required=True, help='User ID (for SkillPay billing)')
→ Document prominently in the Usage section that the skill charges 0.001 USDT per call
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | READ | READ | ✓ consistent | SKILL.md documents reading sensitive files as what the tool scans FOR
Network access | READ | WRITE | ✗ exceeds declaration | scan.py:64, precheck.py:36 — POSTs to skillpay.me/api/v1 not declared in SKILL.m…
Environment variables | NONE | READ | ✗ exceeds declaration | scan.py:72, precheck.py:44 — reads SKILLPAY_API_KEY from os.environ
Command execution | NONE | NONE | | No subprocess/shell execution found in codebase
Secrets and external references: 1 high severity, 2 findings

🔑 [HIGH] API key: suspected hardcoded credential
    api_key = "secretkeyhere123"
    scripts/review.py:24

🔗 [MEDIUM] External URL
    https://skillpay.me/api/v1
    scripts/precheck.py:24

Directory structure

5 files · 32.4 KB · 851 lines
Python: 3 files · 769 lines; Markdown: 1 file · 73 lines; JSON: 1 file · 9 lines
├─ 📁 scripts
│ ├─ 🐍 precheck.py Python 196L · 6.9 KB
│ ├─ 🐍 review.py Python 101L · 3.8 KB
│ └─ 🐍 scan.py Python 472L · 18.7 KB
├─ 📋 _meta.json JSON 9L · 290 B
└─ 📝 SKILL.md Markdown 73L · 2.7 KB

Dependency analysis: 1 item

Package | Version | Source | Known vulnerabilities | Notes
urllib (stdlib) | N/A | stdlib | | Standard library only, no external package dependencies

Security highlights

✓ Skill actively detects and warns against the very patterns it exhibits (credential hardcoding, eval/exec, sensitive file access) — shows awareness of security best practices
✓ No subprocess/shell execution found anywhere in the codebase
✓ No sensitive file access (~/.ssh, /etc/passwd, etc.) in the skill's own code
✓ No base64 decode, eval(), or __import__ tricks found
✓ No data exfiltration or credential theft
✓ SKILL.md comprehensively documents what patterns it scans for, reducing user surprise
✓ The skill's core scanning logic (scan.py) is well-structured with clear risk categorization