中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:1 天前 重新扫描
20 /100
qa-browser-tester
Launch a real headless browser on the server and perform exhaustive end-to-end QA testing of a web application — clicking every button, filling every form, navigating every menu, and simulating a complete user journey.
A legitimate QA browser automation skill using Playwright; documented behavior aligns with actual implementation, but install commands and Python subprocess usage are under-documented in SKILL.md.
技能名称qa-browser-tester
分析耗时33.4s
引擎pi
可以安装
Add explicit declarations in SKILL.md for shell:WRITE (apt-get, pip install, bootstrap.pypa.io) and the subprocess memory check in docker-setup.md. Pin Playwright to a specific version. Otherwise safe for use.

安全发现 3 项

严重性 安全发现 位置
低危
Shell installation commands under-declared in SKILL.md 文档欺骗
Phase 1 uses apt-get, pip3 install, and downloads get-pip.py from bootstrap.pypa.io, but SKILL.md does not explicitly declare shell:WRITE or the remote bootstrap URL in the capability declarations.
apt-get update -qq && apt-get install -y python3-pip curl -qq
→ Add a 'Required Permissions' section in SKILL.md explicitly declaring shell:WRITE for package installation and network:READ for bootstrap.pypa.io.
 SKILL.md:58
低危
Playwright dependency not version-pinned 供应链
pip3 install playwright has no version constraint, allowing any version to be installed including potentially compromised ones.
pip3 install playwright
→ Pin Playwright to a specific version, e.g., pip3 install playwright==1.42.0, and verify the hash.
 SKILL.md:60
低危
subprocess memory check undeclared in capability map 文档欺骗
references/docker-setup.md uses subprocess.run(['free', '-m']) for memory checks but this environment:READ behavior is not reflected in SKILL.md capability declarations.
subprocess.run(['free', '-m'], capture_output=True, text=True)
→ Document that this skill reads system memory information for safety checks.
 references/docker-setup.md:44
资源类型声明权限推断权限状态证据
浏览器 WRITE WRITE ✓ 一致 references/test-phases.md:1 — p.chromium.launch() via Playwright
文件系统 WRITE WRITE ✓ 一致 SKILL.md:129 — mkdir -p /tmp/qa_screenshots; references/test-phases.md:13 — os.m…
网络访问 READ READ ✓ 一致 references/test-phases.md:40 — page.goto() fetching target URLs
命令执行 WRITE WRITE ✓ 一致 SKILL.md:58-77 — apt-get/pip install; references/test-phases.md:1 — python3 << '…
环境变量 NONE READ ✓ 一致 references/docker-setup.md — subprocess.run(['free', '-m']); SKILL.md Phase 0 re…
技能调用 NONE NONE N/A
剪贴板 NONE NONE N/A
数据库 NONE NONE N/A
2 项发现
🔗
中危 外部 URL 外部 URL
https://bootstrap.pypa.io/get-pip.py
SKILL.md:72
🔗
中危 外部 URL 外部 URL
https://your-app-url-here.com
SKILL.md:128

目录结构

3 文件 · 25.6 KB · 701 行
Markdown 3f · 701L
├─ 📁 references
│ ├─ 📝 docker-setup.md Markdown 91L · 2.8 KB
│ └─ 📝 test-phases.md Markdown 431L · 18.1 KB
└─ 📝 SKILL.md Markdown 179L · 4.7 KB

依赖分析 1 项

包名版本来源已知漏洞备注
playwright * pip Version not pinned — supply chain risk

安全亮点

✓ All core functionality (browser automation, form testing, navigation) is accurately documented in SKILL.md and references/
✓ No credential harvesting or exfiltration — test credentials are generated locally and never leave the session
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env, etc.)
✓ No base64, eval, obfuscation, or anti-analysis techniques
✓ Chromium is launched with correct sandbox-disabling flags appropriate for container environments
✓ Screenshots and data remain in /tmp/qa_screenshots — no external data transfer
✓ No persistence mechanisms (no cron, no startup hooks, no service registration)
✓ No reverse shell, C2 communication, or remote code execution patterns