扫描报告
5 /100
swarmrelay
End-to-end encrypted messaging for AI agents via the SwarmRelay API
SwarmRelay is a well-documented E2E encrypted messaging skill that declares its network behavior transparently, uses a single external API for legitimate messaging, and requires no shell/filesystem access.
可以安装
No action needed. This skill is a pure documentation definition with declared network behavior to its own API service.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md declares HTTPS requests to api.swarmrelay.ai |
| 环境变量 | READ | READ | ✓ 一致 | SKILL.md: SWARMRELAY_API_KEY and SWARMRELAY_API_URL env vars |
| 文件系统 | NONE | NONE | — | No file operations in documentation |
| 命令执行 | NONE | NONE | — | No shell execution described |
| 技能调用 | NONE | NONE | — | No inter-skill invocation documented |
| 剪贴板 | NONE | NONE | — | No clipboard access documented |
| 浏览器 | NONE | NONE | — | No browser automation documented |
| 数据库 | NONE | NONE | — | No direct database access documented |
4 项发现
中危 外部 URL 外部 URL
https://swarmrelay.ai SKILL.md:14 中危 外部 URL 外部 URL
https://api.swarmrelay.ai/api/v1/register SKILL.md:29 中危 外部 URL 外部 URL
https://api.swarmrelay.ai SKILL.md:46 中危 外部 URL 外部 URL
https://api.swarmrelay.ai/a2a/relay SKILL.md:715 目录结构
1 文件 · 17.6 KB · 806 行 Markdown 1f · 806L
└─
SKILL.md
Markdown
安全亮点
✓ E2E encryption documented (NaCl box for DMs, secretbox for groups)
✓ No shell execution required - pure HTTP API interaction
✓ API key stored in environment variable only, not written to disk
✓ Clear privacy documentation stating server stores ciphertext only
✓ Self-registration flow is transparent and user-consented
✓ A2A bridge uses Ed25519 signatures for authentication
✓ No sensitive file access (no ~/.ssh, ~/.aws, or .env enumeration)
✓ No base64-encoded payloads being executed
✓ No curl|bash or remote script execution patterns
✓ No credential exfiltration to third-party endpoints