crypto-news 安全扫描报告 — 低风险 | ClawSafe

25 /100

crypto-news

加密快讯抓取与筛选技能，从 BlockBeats 官方开放接口并发抓取最新快讯

Skill is a legitimate crypto news fetcher but has significant doc-to-code mismatch: push-news.js and send-feishu.js with hardcoded gateway tokens and message-sending behavior are entirely undeclared in SKILL.md.

技能名称crypto-news

分析耗时43.8s

引擎pi

✓

可以安装

Document the full skill surface including push-news.js, the gateway token mechanism, and the feishu messaging capability. Avoid hardcoding credentials; use environment variables instead.

安全发现 4 项

严重性	安全发现	位置
中危	Undeclared messaging capability with hardcoded gateway token 文档欺骗 SKILL.md only describes new.js for news fetching. Both push-news.js and send-feishu.js contain hardcoded GATEWAY_TOKEN ('30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519') and POST messages to http://127.0.0.1:18789/tools/invoke. This outbound messaging capability is entirely absent from documentation. `const GATEWAY_TOKEN = '30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519';` → Document the messaging/push functionality in SKILL.md. Move credentials to environment variables.	`push-news.js:9`
中危	Undeclared shell execution via execSync 文档欺骗 push-news.js uses execSync to invoke new.js. While the subprocess call itself is for a legitimate internal script, this shell:WRITE capability is not declared anywhere in SKILL.md. const result = execSync(`node "${scriptPath}" "${keyword}" ${count} ${maxChars}`, { encoding: 'utf-8', timeout: 30000 }); → Document that push-news.js invokes new.js via subprocess. This makes the shell:WRITE capability explicit.	`push-news.js:38`
低危	Hardcoded credentials not in environment variables 凭证窃取 GATEWAY_TOKEN, ACCOUNT_ID, and DEFAULT_TARGET are hardcoded as string literals in push-news.js and send-feishu.js. These should be sourced from environment variables to avoid accidental exposure. `const GATEWAY_TOKEN = '30176f5d9e3d3372a70cefc8c1cf34248e5abc5888ec5519';` → Replace hardcoded credentials with process.env.GATEWAY_TOKEN and similar environment variable lookups.	`push-news.js:9`
低危	Undeclared filesystem:WRITE (cache file write) 权限提升 push-news.js writes to .sent-news.json in the skill directory. SKILL.md only describes read operations (fetching news via API). The local cache write is a filesystem:WRITE operation not declared in the documentation. `fs.writeFileSync(SENT_CACHE_FILE, JSON.stringify(...));` → Document that this skill maintains a local cache of sent news IDs for deduplication.	`push-news.js:30`

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	new.js reads API response; push-news.js reads .sent-news.json
文件系统	`NONE`	`WRITE`	✓ 一致	push-news.js writes .sent-news.json; not declared in SKILL.md
网络访问	`READ`	`READ`	✓ 一致	new.js fetches BlockBeats API (GET); documented in SKILL.md
网络访问	`NONE`	`WRITE`	✗ 越权	push-news.js POSTs to gateway; send-feishu.js POSTs to gateway; SKILL.md declare…
命令执行	`NONE`	`WRITE`	✗ 越权	push-news.js uses execSync (line 38); not declared in SKILL.md

19 项发现

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/336035

.sent-news.json:3

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/336027

.sent-news.json:4

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/336021

.sent-news.json:5

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/336002

.sent-news.json:6

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335968

.sent-news.json:7

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335961

.sent-news.json:8

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335952

.sent-news.json:9

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335944

.sent-news.json:10

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335927

.sent-news.json:11

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335925

.sent-news.json:12

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335883

.sent-news.json:13

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335822

.sent-news.json:14

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335808

.sent-news.json:15

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335654

.sent-news.json:16

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335515

.sent-news.json:17

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/336114

.sent-news.json:18

🔗

中危外部 URL 外部 URL

https://api.theblockbeats.news/v1/open-api/open-flash

SKILL.md:12

🔗

中危外部 URL 外部 URL

https://m.theblockbeats.info/flash/335678

SKILL.md:75

🔗

中危外部 URL 外部 URL

http://127.0.0.1:18789

push-news.js:9

目录结构

7 文件 · 20.6 KB · 690 行

JavaScript 3f · 540L Markdown 1f · 92L JSON 3f · 58L

├─ 📋 .sent-news.json JSON 20L · 842 B

├─ 📜 new.js JavaScript 264L · 7.5 KB

├─ 📋 package-lock.json JSON 33L · 760 B

├─ 📋 package.json JSON 5L · 48 B

├─ 📜 push-news.js JavaScript 224L · 6.3 KB

├─ 📜 send-feishu.js JavaScript 52L · 1.3 KB

└─ 📝 SKILL.md Markdown 92L · 3.8 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`ws`	`^8.19.0`	npm	否	Well-known WebSocket library, version range is slightly broad but acceptable

安全亮点

✓ No base64-encoded strings or obfuscated code found

✓ No credential harvesting (no iteration over os.environ for secrets)

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)

✓ No curl|bash or wget|sh remote script execution

✓ No reverse shell, C2 communication, or data exfiltration to external IPs

✓ No eval(), new Function(), or dynamic code execution

✓ Dependency (ws) is a well-known, widely-used legitimate package

✓ new.js is a clean, straightforward news fetcher that matches its documentation