Low risk: risk score 15/100
Last scanned: 2 days ago
vmware-vks
AI-powered VMware vSphere with Tanzu (VKS) management — 20 MCP tools for Supervisor clusters, vSphere Namespaces, and TKC cluster lifecycle
Documentation-only skill for VMware VKS management with clear, reasonable security claims and no malicious indicators; actual functionality resides in an external PyPI package.
Skill name: vmware-vks
Analysis time: 34.5s
Engine: pi
Can be installed
The skill is low-risk but relies entirely on external package security. Consider pinning to a specific version and verifying the PyPI package hash before installation.

Security findings: 3

Severity Finding Location
Low
External package dependency
This skill is documentation-only. Actual functionality comes from the vmware-vks PyPI package, which is not included in the skill bundle. Security claims in SKILL.md cannot be independently verified against actual code.
installer: kind: uv, package: vmware-vks
→ Pin to a specific package version and verify package hash before installation. Review source at github.com/zw008/VMware-VKS before trusting.
SKILL.md:1
Low
Plaintext credential storage in .env
Setup guide instructs users to store vCenter passwords in plaintext in ~/.vmware-vks/.env files. While this is a common pattern, no integration with secure credential stores (vault, HSM, keychain) is documented.
echo "VMWARE_VKS_VCENTER01_PASSWORD=your_password" > ~/.vmware-vks/.env
→ Consider using OS-native credential storage (Keychain on macOS, pass/secretservice on Linux) or document that users should use encrypted filesystems.
references/setup-guide.md:56
Low
SSL verification opt-out supported
The skill supports 'verify_ssl: false' in config for self-signed vCenter certificates. While documented as an enterprise standard, this introduces MITM attack vectors.
verify_ssl: false
→ Add prominent warning that verify_ssl: false should only be used in isolated/air-gapped environments. Consider adding certificate pinning as an alternative.
references/setup-guide.md:30
Resource type | Declared permission | Inferred permission | Status | Evidence
Command execution | WRITE | NONE | ✓ Consistent | SKILL.md declares Bash tool but contains no scripts; actual shell access would b…
Network access | READ | READ | ✓ Consistent | Outbound connections limited to configured vCenter host only (per security docum…
Environment variables | NONE | READ | ✓ Consistent | Requires VMWARE_VKS_CONFIG and credential environment variables per metadata
1 finding
Info Email Email address
[email protected]
references/setup-guide.md:53

Directory structure

5 files · 23.9 KB · 615 lines
Markdown: 4 files · 577 lines; JSON: 1 file · 38 lines
├─ 📁 evals
│ └─ 📋 evals.json JSON 38L · 1.3 KB
├─ 📁 references
│ ├─ 📝 capabilities.md Markdown 75L · 4.2 KB
│ ├─ 📝 cli-reference.md Markdown 127L · 3.6 KB
│ └─ 📝 setup-guide.md Markdown 125L · 4.5 KB
└─ 📝 SKILL.md Markdown 250L · 10.3 KB

Dependency analysis: 1 item

Package | Version | Source | Known vulnerabilities | Notes
vmware-vks | * | PyPI | | Version not pinned; external package not included in skill bundle

Security highlights

✓ MIT-licensed with auditable source code at github.com/zw008/VMware-VKS
✓ 12/20 tools are read-only (60% read-only ratio)
✓ Dry-run defaults for all create operations
✓ Double confirmation required for destructive operations (delete_namespace, delete_tkc_cluster)
✓ Safety guards that prevent orphaned clusters and data loss
✓ No eval, exec, or subprocess calls with user-controlled data (per documentation)
✓ Network egress limited to user-configured vCenter only
✓ MCP transport uses stdio only (no listening ports)
✓ All write operations audit-logged to ~/.vmware-vks/audit.log
✓ No suspicious indicators: no base64, no direct IPs, no curl|bash patterns