Suspicious — Risk Score 45/100
Last scan: 17 hr ago
gequhai-music
Gequhai music search and download skill - Search and download music from gequhai.com to Synology NAS
Skill contains hardcoded Synology credentials and base64 obfuscation for download URLs without full disclosure in documentation, presenting significant security risks for credential exposure and unauthorized NAS access.
Skill Name: gequhai-music
Duration: 67.3s
Engine: pi
Use with caution
Remove hardcoded credentials from source code and use environment variables or secure credential storage. Declare all credential usage in SKILL.md. Consider if base64 obfuscation of download URLs is necessary or could be simplified.

Findings (5 items)

[High] Hardcoded Synology password not declared in documentation (Credential Theft)
Synology NAS password 'Xx654321' is hardcoded in scripts/gequhai_crawler.py line 215. SKILL.md only mentions username 'xiaoai' but does not disclose the password. This exposes credentials that could be extracted and reused for unauthorized NAS access.
Evidence: SYNOLOGY_PASS = "Xx654321"
→ Use environment variables or secure credential storage. Declare credential usage in SKILL.md if intentional.
Location: scripts/gequhai_crawler.py:215

[Medium] Base64 obfuscation for download URLs (Obfuscation)
The decode_modified_base64() function uses a custom base64 encoding in which # is replaced with H and % is replaced with S before decoding. While used for legitimate music download URLs, this obfuscation pattern is suspicious and could hide malicious payloads.
Evidence: modified = encoded.replace("#", "H").replace("%", "S")
→ If this is for legitimate URL encoding, document the scheme in SKILL.md. Consider using standard base64 if possible.
Location: scripts/gequhai_crawler.py:52

[Medium] Undeclared filesystem write capability (Doc Mismatch)
SKILL.md declares network capabilities, but the skill also writes to the local data/ directory (music_cache.json, rename_queue.json) and performs file operations on the Synology NAS (rename, move files). These filesystem WRITE operations are not documented.
Evidence: DATA_DIR = Path(__file__).parent.parent / "data"
→ Document all filesystem operations in SKILL.md, including data/ directory writes and Synology file operations.
Location: scripts/gequhai_crawler.py:30

[Low] Auto-registration to configurable gateway URL (Priv Escalation)
The FastAPI service auto-registers to a Skill Gateway at a URL controlled by the environment variable SKILL_GATEWAY_URL. While this is a common pattern, it could be abused if the environment variable is compromised.
Evidence: GATEWAY_URL = os.getenv("SKILL_GATEWAY_URL", "http://localhost:8200")
→ Verify the gateway URL is from a trusted source and consider hardcoding known-good gateway addresses.
Location: service/main.py:135

[Info] Hardcoded local network IP address (Sensitive Access)
Synology NAS IP address 192.168.123.223 is hardcoded. While this is declared in SKILL.md, hardcoded internal IPs are generally not recommended.
Evidence: SYNOLOGY_HOST = "192.168.123.223"
→ Consider using an environment variable for the NAS host address to support different deployment environments.
Location: scripts/gequhai_crawler.py:211
Resource     Declared  Inferred  Status        Evidence
Network      READ      READ      ✓ Aligned     Makes HTTP requests to gequhai.com
Shell        NONE      NONE                    No subprocess/shell execution detected
Filesystem   NONE      WRITE     ✗ Violation   Writes to data/ directory and Synology NAS
Database     NONE      NONE                    No database access
5 findings (1 High)

High    IP Address (hardcoded IP address)
        120.0.0.0
        scripts/gequhai_crawler.py:30
Medium  External URL
        https://www.gequhai.com/
        SKILL.md:26
Medium  External URL
        https://pan.quark.cn/s/276fd9172e63
        data/download_info.json:30
Medium  External URL
        https://lv-sycdn.kuwo.cn/2d44367307dca6de508dc3d6437ca393/69b35b17/resource/30106/trackmedia/M500002eyjaI0NYQfW.mp3
        data/download_info.json:31
Medium  External URL
        https://www.gequhai.com
        scripts/gequhai_crawler.py:20

File Tree

16 files · 59.2 KB · 1987 lines
Python 10f · 1626L | JSON 4f · 224L | Markdown 1f · 133L | Text 1f · 4L
├─ 📁 data
│ ├─ 📋 download_info.json JSON 32L · 792 B
│ ├─ 📋 jj_search.json JSON 4L · 61 B
│ ├─ 📋 ranking.json JSON 187L · 3.5 KB
│ └─ 📋 rename_queue.json JSON 1L · 2 B
├─ 📁 scripts
│ ├─ 🐍 gequhai_crawler.py Python 925L · 30.0 KB
│ ├─ 🐍 get_hot.py Python 18L · 554 B
│ ├─ 🐍 get_ranking_file.py Python 69L · 2.1 KB
│ ├─ 🐍 get_ranking_json.py Python 64L · 1.9 KB
│ ├─ 🐍 get_ranking.py Python 72L · 2.2 KB
│ ├─ 🐍 search_download.py Python 142L · 4.3 KB
│ ├─ 🐍 search_jj_new.py Python 46L · 1.5 KB
│ ├─ 🐍 search_jj.py Python 45L · 1.4 KB
│ └─ 🐍 test_search.py Python 36L · 1.1 KB
├─ 📁 service
│ ├─ 🐍 main.py Python 209L · 6.2 KB
│ └─ 📄 requirements.txt Text 4L · 64 B
└─ 📝 SKILL.md Markdown 133L · 3.6 KB

Dependencies (5 items)

Package         Version    Source               Known Vulns  Notes
requests        >=2.32.0   requirements.txt     No           Pinned minimum version
beautifulsoup4  *          gequhai_crawler.py   No           Imported but not in requirements
fastapi         >=0.115.0  requirements.txt     No           Pinned minimum version
uvicorn         >=0.32.0   requirements.txt     No           Pinned minimum version
httpx           >=0.27.0   requirements.txt     No           Pinned minimum version

Security Positives

✓ No evidence of credential exfiltration - credentials used only for legitimate NAS access
✓ No reverse shell, C2 communication, or data theft behavior detected
✓ API authentication key is properly documented in SKILL.md
✓ Uses standard HTTP libraries (requests, httpx) without suspicious patterns
✓ No attempts to access sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No curl|bash or wget|sh remote script execution patterns