Trusted — Risk Score 5/100
Last scan: 1 day ago
knowledge-card
Generate beautiful knowledge concept cards (知识概念卡片) from book summaries, notes, or topics as PNG images via Playwright screenshot
A straightforward knowledge-card PNG generator that uses Playwright to screenshot HTML templates. No malicious behavior, credential access, obfuscation, or undeclared capabilities detected.
Skill Name: knowledge-card
Duration: 35.6s
Engine: pi
Safe to install
No action needed. The skill is safe to use as described.

Findings (2 items)

Severity: Low
Finding: Playwright loaded from unversioned npx cache path
Category: Supply Chain
Location: scripts/generate.js:11
The script hardcodes the Playwright module path as /root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright, bypassing any version declaration. No package.json or requirements.txt exists to pin the dependency version.
Evidence: const { chromium } = require('/root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright');
→ Add a package.json with a pinned Playwright version and a lock file to ensure reproducible builds.

Severity: Low
Finding: Network READ access not declared in SKILL.md
Category: Doc Mismatch
Location: SKILL.md:1
SKILL.md does not mention that the skill fetches Google Fonts from fonts.googleapis.com when generating cards. The network access is minor (font loading only) but not documented.
Evidence: No declaration of network:READ in the allowed-tools mapping
→ Add a note in SKILL.md that Google Fonts are fetched from the CDN when rendering cards.
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | scripts/generate.js:56 — fs.writeFileSync writes temp HTML; fs.writeFileSync wri…
Shell | WRITE | WRITE | ✓ Aligned | SKILL.md:60 — node scripts/generate.js (user-facing shell invocation); scripts/g…
Browser | READ | READ | ✓ Aligned | scripts/generate.js:71-74 — Playwright launches browser, navigates to file:// HT…
Network | NONE | READ | ✓ Aligned | scripts/generate.js:48 — @import url(https://fonts.googleapis.com/...) in genera…
Environment | NONE | NONE | | No os.environ iteration or access
Clipboard | NONE | NONE | | No clipboard access
Database | NONE | NONE | | No database access
Skill Invoke | NONE | NONE | | No recursive skill invocation

File Tree

2 files · 13.5 KB · 290 lines
JavaScript: 1 file, 149 lines · Markdown: 1 file, 141 lines
├─ 📁 scripts
│ └─ 📜 generate.js JavaScript 149L · 9.0 KB
└─ 📝 SKILL.md Markdown 141L · 4.5 KB

Dependencies (2 items)

Package | Version | Source | Known Vulns | Notes
playwright | unversioned | npx cache: /root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright | No | Loaded from a hardcoded npx cache path with no version pinning in a manifest
google-fonts (fonts.googleapis.com) | N/A | CDN | No | Fetched at render time via CSS @import in the generated HTML

Security Positives

✓ No shell command injection vectors — all arguments are CLI-parsed strings with no eval() or child_process execution
✓ No credential, token, or sensitive path access (no ~/.ssh, ~/.aws, .env, or os.environ iteration)
✓ No obfuscation techniques — no base64, atob, eval, or dynamic code construction
✓ No data exfiltration — output PNG is written locally and printed to stdout only
✓ No persistence mechanisms — no cron, startup scripts, or backdoor installation
✓ No recursive skill invocation or clipboard access
✓ HTML template is static with controlled CSS injection (theme colors are simple string interpolation, not script execution)
✓ Temporary files are created in os.tmpdir() and cleaned up after screenshot
✓ Doc-to-code behavior is consistent — SKILL.md accurately describes node CLI usage and Playwright screenshot workflow