contractor-marketing 安全扫描报告 — 低风险 | ClawSafe

18 /100

contractor-marketing

AI marketing department for contractors and home service businesses. Handles SEO, advertising, social media, email, proposals, review responses, competitor monitoring, and job costing.

A legitimate contractor marketing skill with no malicious code; concerns are limited to a hardcoded read-only API key in documentation and undocumented network access via curl.

技能名称contractor-marketing

分析耗时51.8s

引擎pi

✓

可以安装

Move the Supabase API key to an environment variable instead of hardcoding it in SKILL.md. Add explicit capability declarations (network:READ, shell:WRITE) if shell commands are expected to be executed.

安全发现 3 项

严重性	安全发现	位置
中危	Hardcoded Supabase API Key in SKILL.md 凭证窃取 A Supabase anon-key JWT token is embedded in plain text in SKILL.md (lines 21 and 27). While this is a read-only anon key, embedding credentials in documentation is a security anti-pattern. If the file is shared, logged, or published, the key could be scraped and abused. `-H "apikey=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImRtbHliY25wd3RuYWFkbWFwZGhsIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDMxOTk4NzMsImV4cCI6MjA1ODc3NTg3M30.kVMGdVCPJMFwiVn-OWpMFIGJWJCYzaOGxFsZPJSq5s4"` → Replace the hardcoded key with an environment variable reference (e.g., SUPABASE_ANON_KEY) and document that the user must set this variable.	`SKILL.md:21`
低危	Undeclared Network and Shell Capabilities 文档欺骗 The SKILL.md instructs the agent to execute curl commands (shell:WRITE + network:READ) but these capabilities are not formally declared. This creates a doc-to-capability mismatch. The tool mapping implies Bash → shell:WRITE and WebFetch → network:READ, but neither is listed. `curl -s "https://dmlybcnpwtnaadmapdhl.supabase.co/rest/v1/strategies?select=title,...` → Add explicit allowed-tools declarations in the skill metadata for Bash and/or network access. Document the purpose of each external network call.	`SKILL.md:20`
低危	No Dependency Pinning 供应链 As a pure Markdown skill with no scripts, there are no package.json, requirements.txt, or Cargo.toml files. However, the skill depends on an external Supabase endpoint that is not pinned to a specific version or snapshot. The endpoint's behavior could change. `https://dmlybcnpwtnaadmapdhl.supabase.co/rest/v1/strategies` → Consider pinning to a specific API version or replicating the strategy library locally to avoid reliance on an external service.	`SKILL.md:21`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file operations found; skill only reads reference Markdown files
网络访问	`NONE`	`READ`	✓ 一致	SKILL.md:21-27 instructs curl GET to external Supabase REST endpoint
命令执行	`NONE`	`WRITE`	✓ 一致	SKILL.md:21-27: curl commands embedded in documentation imply shell execution ca…

2 项发现

🔗

中危外部 URL 外部 URL

https://dmlybcnpwtnaadmapdhl.supabase.co/rest/v1/strategies?select=title

SKILL.md:21

🔗

中危外部 URL 外部 URL

https://dmlybcnpwtnaadmapdhl.supabase.co/rest/v1/strategies?or=(title.ilike.*QUERY*

SKILL.md:27

目录结构

5 文件 · 8.8 KB · 245 行

Markdown 5f · 245L

├─ ▾ 📁 references

│ ├─ 📝 ad-creative-angles.md Markdown 37L · 1.2 KB

│ ├─ 📝 onboarding-questions.md Markdown 42L · 1.5 KB

│ ├─ 📝 proposal-template.md Markdown 45L · 1.2 KB

│ └─ 📝 review-response-rules.md Markdown 30L · 821 B

└─ 📝 SKILL.md Markdown 91L · 4.2 KB

安全亮点

✓ No executable scripts or binaries — skill is entirely Markdown documentation

✓ No sensitive file access attempts (no ~/.ssh, ~/.aws, .env, or similar paths)

✓ No credential harvesting or exfiltration behavior detected

✓ No obfuscation techniques (no base64, eval, or anti-analysis patterns)

✓ Network access is declared in documentation and has a plausible legitimate purpose (fetching marketing strategy content)

✓ No persistence mechanisms (no cron, startup hooks, or backdoor installation)

✓ Outbound network calls use GET only (read operations), with no POST of user data

✓ All content is in plain text — no hidden instructions in HTML comments or steganography