Scan Report
5 /100
inference-audit
Compare AI inference costs across providers and benchmark with real data
This is a legitimate cost-comparison skill that provides documentation and curl-based workflows for comparing AI inference pricing across providers, with no hidden functionality or security concerns.
Safe to install
This skill is safe to use. Users should be aware they are interacting with a commercial service (GPU-Bridge) and that API calls include standard UTM tracking parameters.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations found in documentation |
| Network | NONE | READ | ✓ Aligned | Read-only GET requests to api.gpubridge.io for pricing data |
| Shell | NONE | NONE | — | curl commands in docs are for user reference only, not executed by the skill |
| Environment | NONE | NONE | — | No environment variable access detected |
| Skill Invoke | NONE | NONE | — | No nested skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
12 findings
Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=llm-4090 SKILL.md:48 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=embedding-l4 SKILL.md:49 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=whisper-l4 SKILL.md:50 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=image-4090 SKILL.md:51 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=tts-l4 SKILL.md:52 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service=rerank SKILL.md:53 Medium External URL 外部 URL
https://api.gpubridge.io/catalog SKILL.md:56 Medium External URL 外部 URL
https://api.gpubridge.io/account/register SKILL.md:93 Medium External URL 外部 URL
https://api.gpubridge.io/run SKILL.md:98 Medium External URL 外部 URL
https://gpubridge.io SKILL.md:133 Medium External URL 外部 URL
https://api.gpubridge.io/catalog/estimate?service= tool.json:20 Info Email 邮箱地址
[email protected] SKILL.md:95 File Tree
2 files · 6.8 KB · 167 lines Markdown 1f · 133L
JSON 1f · 34L
├─
SKILL.md
Markdown
└─
tool.json
JSON
Security Positives
✓ No code execution, scripts, or binaries present - purely documentation-based skill
✓ Network access is read-only (GET requests for pricing data)
✓ No credential harvesting, key theft, or environment variable enumeration
✓ No obfuscation techniques (base64, eval, or anti-analysis patterns)
✓ No sensitive path access (~/.ssh, ~/.aws, .env files)
✓ No persistence mechanisms or startup hooks
✓ Transparent about commercial affiliation (GPU-Bridge marketing with UTM tracking)
✓ tool.json defines two safe, read-only tools with proper descriptions