中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 15/100
Last scan:17 hr ago Rescan
15 /100
aurashot-character-skill
Character-consistent AI image generation — same person, any outfit, any scene, every time. Identity-preserving face swap and outfit changes via AuraShot API.
A legitimate character-consistent image generation API client with a minor documentation gap (undeclared filesystem:WRITE for output directories) but no malicious behavior detected.
Skill Nameaurashot-character-skill
Duration45.3s
Enginepi
Safe to install
Update SKILL.md metadata to declare filesystem:WRITE permission for output directories, and consider declaring environment:READ for AURASHOT_API_KEY. Otherwise safe to use.

Findings 2 items

Severity Finding Location
Low
Undeclared filesystem:WRITE permission Doc Mismatch
SKILL.md metadata declares filesystem:NONE but the script writes generated images to user-specified output directories (e.g., avatars/{name}/gallery/). This is a necessary and benign operation for the image generation feature, but it is not documented.
requires:
  bins: ["python3"]
  env: ["AURASHOT_API_KEY", "AURASHOT_STUDIO_KEY"]
→ Add filesystem:WRITE to declared permissions or document the output directory behavior in the SKILL.md body.
 SKILL.md:5
Low
Undeclared environment:READ permission Doc Mismatch
SKILL.md does not declare that the script reads AURASHOT_API_KEY and AURASHOT_STUDIO_KEY from os.environ. This is necessary and benign — the skill needs its own API key — but it should be declared.
env: ["AURASHOT_API_KEY", "AURASHOT_STUDIO_KEY"]
→ Add environment:READ to declared permissions to accurately reflect the skill's needs.
 SKILL.md:5
ResourceDeclaredInferredStatusEvidence
Filesystem NONE WRITE ✗ Violation scripts/aurashot.py:226 — output_path.parent.mkdir(parents=True, exist_ok=True);…
Network READ READ ✓ Aligned All network calls go to https://www.aurashot.art — legitimate API service
Shell NONE NONE No subprocess, os.system, or shell command execution found
Environment NONE READ ✗ Violation scripts/aurashot.py:72 — os.environ.get('AURASHOT_API_KEY') and 'AURASHOT_STUDIO…
Browser NONE NONE N/A — no browser interaction
Database NONE NONE N/A — no database access
Clipboard NONE NONE N/A — no clipboard access
Skill Invoke NONE NONE N/A — no cross-skill invocation
7 findings
🔗
Medium External URL 外部 URL
https://www.aurashot.art/login
README.md:37
🔗
Medium External URL 外部 URL
https://www.aurashot.art/studio?tab=keys
README.md:38
🔗
Medium External URL 外部 URL
https://www.aurashot.art/studio?tab=billing
README.md:40
🔗
Medium External URL 外部 URL
https://www.aurashot.art
README.md:49
🔗
Medium External URL 外部 URL
https://www.aurashot.art/studio?tab=docs
README.md:50
🔗
Medium External URL 外部 URL
https://clawhub.ai/whbzju/aurashot-character-skill
README.md:51
🔗
Medium External URL 外部 URL
https://cdn.example.com/result.png
SKILL.md:169

File Tree

5 files · 41.0 KB · 999 lines
Python 1f · 500L Markdown 3f · 496L YAML 1f · 3L
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 3L · 366 B
├─ 📁 references
│ └─ 📝 api.md Markdown 154L · 4.9 KB
├─ 📁 scripts
│ └─ 🐍 aurashot.py Python 500L · 20.4 KB
├─ 📝 README.md Markdown 51L · 2.0 KB
└─ 📝 SKILL.md Markdown 291L · 13.4 KB

Security Positives

✓ No subprocess, shell execution, or eval() calls — pure Python standard library
✓ No obfuscation (no base64, no encoded strings, no anti-analysis tricks)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env, etc.)
✓ No data exfiltration — all network traffic is to the legitimate AuraShot API (https://www.aurashot.art)
✓ No credential harvesting — environment variable access is scoped to AURASHOT_API_KEY/AURASHOT_STUDIO_KEY only
✓ File operations are scoped to user-specified paths (avatars/*) and uploaded images only
✓ SSL certificate validation with fallback only for CDN image downloads
✓ No supply chain risk — no external dependencies, pure Python standard library
✓ API reference documentation (references/api.md) is accurate and consistent with implementation