Trusted: risk score 5/100
Last scanned: 1 day ago
knowledge-card
Generate beautiful knowledge concept cards (知识概念卡片) from book summaries, notes, or topics as PNG images via Playwright screenshot
A straightforward knowledge-card PNG generator that uses Playwright to screenshot HTML templates. No malicious behavior, credential access, obfuscation, or undeclared capabilities detected.
Skill name: knowledge-card
Analysis time: 35.6s
Engine: pi
Safe to install
No action needed. The skill is safe to use as described.

Security findings: 2

Severity: Low
Finding: Playwright loaded from unversioned npx cache path (category: supply chain)
Location: scripts/generate.js:11
The script hardcodes the Playwright module path as /root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright, bypassing any version declaration. No package.json or requirements.txt exists to pin the dependency version.
Evidence: const { chromium } = require('/root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright');
→ Add a package.json with a pinned Playwright version and a lock file to ensure reproducible builds.

Severity: Low
Finding: Network READ access not declared in SKILL.md (category: documentation deception)
Location: SKILL.md:1
SKILL.md does not mention that the skill fetches Google Fonts from fonts.googleapis.com when generating cards. The network access is minor (font loading only) but not documented.
Evidence: No declaration of network:READ in the allowed-tools mapping
→ Add a note in SKILL.md that Google Fonts are fetched from the CDN when rendering cards.
Resource type | Declared permission | Inferred permission | Status | Evidence
File system | WRITE | WRITE | ✓ Consistent | scripts/generate.js:56 — fs.writeFileSync writes temp HTML; fs.writeFileSync wri…
Command execution | WRITE | WRITE | ✓ Consistent | SKILL.md:60 — node scripts/generate.js (user-facing shell invocation); scripts/g…
Browser | READ | READ | ✓ Consistent | scripts/generate.js:71-74 — Playwright launches browser, navigates to file:// HT…
Network access | NONE | READ | ✓ Consistent | scripts/generate.js:48 — @import url(https://fonts.googleapis.com/...) in genera…
Environment variables | NONE | NONE | | No os.environ iteration or access
Clipboard | NONE | NONE | | No clipboard access
Database | NONE | NONE | | No database access
Skill invocation | NONE | NONE | | No recursive skill invocation

Directory structure

2 files · 13.5 KB · 290 lines
JavaScript: 1 file · 149 lines; Markdown: 1 file · 141 lines
├─ 📁 scripts
│ └─ 📜 generate.js (JavaScript, 149 lines · 9.0 KB)
└─ 📝 SKILL.md (Markdown, 141 lines · 4.5 KB)

Dependency analysis: 2

Package | Version | Source | Known vulnerabilities | Notes
playwright | unversioned | npx cache /root/.npm/_npx/e41f203b7505f1fb/node_modules/playwright | | Loaded from a hardcoded npx cache path with no version pinning in a manifest
google-fonts (fonts.googleapis.com) | N/A | CDN | | Fetched at render time via CSS @import in the generated HTML

Security highlights

✓ No shell command injection vectors — all arguments are CLI-parsed strings with no eval() or child_process execution
✓ No credential, token, or sensitive path access (no ~/.ssh, ~/.aws, .env, or os.environ iteration)
✓ No obfuscation techniques — no base64, atob, eval, or dynamic code construction
✓ No data exfiltration — output PNG is written locally and printed to stdout only
✓ No persistence mechanisms — no cron, startup scripts, or backdoor installation
✓ No recursive skill invocation or clipboard access
✓ HTML template is static with controlled CSS injection (theme colors are simple string interpolation, not script execution)
✓ Temporary files are created in os.tmpdir() and cleaned up after screenshot
✓ Doc-to-code behavior is consistent — SKILL.md accurately describes node CLI usage and Playwright screenshot workflow