Skill Trust Decision
server-log-analysis
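config.yaml contains plaintext credentials, violating the skill's own documented constraint, but there is no actual executable code, so the overall risk is manageable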
Why this conclusion was reached
0/4 dimensions flagged Pass
Declared vs actual capability
Declared resources and inferred behavior are broadly aligned.
Pass
Hidden execution and egress
No obvious high-risk egress or execution signals were found.
Pass
Attack chain and severe findings
There is no explicit malicious chain in the report.
Review
Dependencies and supply chain hygiene
Dependency information is incomplete, so supply-chain confidence stays limited.
What drove the risk score up
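Documentation-behavior mismatch +20
SKILL.md explicitly states 'do not put plaintext sensitive information in it', but config.yaml contains a plaintext password
Sensitive configuration items present +15
config.yaml contains username: root and password: password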
Most important evidence
Medium Doc Mismatch
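config.yaml contains plaintext credentials, violating the security statement
SKILL.md explicitly states 'treat config.yaml as operational metadata; do not put plaintext sensitive information in it', but config.yaml contains the plaintext credentials username: root and password: password. This is an inconsistency between documentation and practice.
config.yaml:11 Replace the credentials with an environment-variable reference (e.g. password_env: SSH_PASSWORD) or a reference to a key-file path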
Low Sensitive Access
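Undeclared network connection capability
SKILL.md describes connecting to remote servers over SSH, but does not explicitly declare that it will use the network or shell resource levels
SKILL.md:1 Add an allowed-tools declaration to the SKILL.md header that explicitly states the required tool permissions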
Declared capability vs actual capability
Shell Pass
Declared NONE
→ Inferred WRITE
SKILL.md mentions performing remote operations over an SSH connection, but does not declare specific tools
Network Pass
Declared NONE
→ Inferred READ
config.yaml defines remote server connection information
Suspicious artifacts and egress
No obvious IOC was extracted.
Dependencies and supply chain
There are no structured dependency warnings.
File composition
3 files · 344 lines
Markdown 2 files · 282 lines
YAML 1 file · 62 lines
Files of concern · 2
SKILL.md Undeclared network connection capability
config.yaml config.yaml contains plaintext credentials, violating the security statement
Other files · reference.md
Security positives
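No executable scripts, which eliminates code-execution risk
No third-party dependencies, so no supply-chain risk
The security constraint clauses in SKILL.md are complete
The log analysis logic is clear and focused on the minimal necessary downloads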