Security Decision Report

gequhai-music

Skill contains hardcoded Synology credentials and base64 obfuscation for download URLs without full disclosure in documentation, presenting significant security risks for credential exposure and unauthorized NAS access.

Installation decision first · Source: manual upload · Scan time: 2026/4/5
Files: 16
IOCs: 5
Over-privilege items: 1
Findings: 5
Most direct threat evidence
High · Credential theft
Hardcoded Synology password not declared in documentation

Synology NAS password 'Xx654321' is hardcoded in scripts/gequhai_crawler.py line 215. SKILL.md only mentions username 'xiaoai' but does not disclose the password. This exposes credentials that could be extracted and reused for unauthorized NAS access.

scripts/gequhai_crawler.py:215

Why this conclusion was reached

3/4 dimensions triggered
Block
Declared vs. actual capabilities

Found 1 capability or over-privileged behavior beyond what is declared.

Block
Hidden execution and outbound connections

Extracted 1 high-risk IOC or outbound-connection signal.

Block
Attack chains and high-risk findings

The report contains a 0-step attack chain and 1 additional high or critical finding.

Review
Dependency and supply-chain hygiene

Found 5 dependency or supply-chain leads that need attention.

How the risk score was raised

Hardcoded credentials (undisclosed) +25

Synology password 'Xx654321' hardcoded in scripts/gequhai_crawler.py:215 - not declared in SKILL.md

Base64 obfuscation +10

Custom base64 encoding (#→H, %→S) used for high-quality download URLs - obfuscation without documented reason

Local network access to NAS +5

Skill can execute file operations on Synology NAS at 192.168.123.223:5000

No malicious exfiltration detected -10

Credentials are used only for legitimate NAS access, not exfiltrated

Service auto-registration +5

Auto-registers to Skill Gateway at configurable URL

Key evidence

High · Credential theft

Hardcoded Synology password not declared in documentation

Synology NAS password 'Xx654321' is hardcoded in scripts/gequhai_crawler.py line 215. SKILL.md only mentions username 'xiaoai' but does not disclose the password. This exposes credentials that could be extracted and reused for unauthorized NAS access.

scripts/gequhai_crawler.py:215
Use environment variables or secure credential storage. Declare credential usage in SKILL.md if intentional.
Medium · Code obfuscation

Base64 obfuscation for download URLs

The decode_modified_base64() function uses custom base64 encoding where # is replaced with H and % is replaced with S. While used for legitimate music download URLs, this obfuscation pattern is suspicious and could hide malicious payloads.

scripts/gequhai_crawler.py:52
If this is for legitimate URL encoding, document the scheme in SKILL.md. Consider using standard base64 if possible.
Medium · Documentation deception

Undeclared filesystem write capability

SKILL.md declares network capabilities but the skill also writes to local data/ directory (music_cache.json, rename_queue.json) and performs file operations on Synology NAS (rename, move files). These filesystem WRITE operations are not documented.

scripts/gequhai_crawler.py:30
Document all filesystem operations in SKILL.md, including data/ directory writes and Synology file operations.
Low · Privilege escalation

Auto-registration to configurable gateway URL

The FastAPI service auto-registers to a Skill Gateway at a URL controlled by environment variable SKILL_GATEWAY_URL. While this is a common pattern, it could be abused if the environment variable is compromised.

service/main.py:135
Verify the gateway URL is from a trusted source and consider hardcoding known-good gateway addresses.
Info · Sensitive access

Hardcoded local network IP address

Synology NAS IP address 192.168.123.223 is hardcoded. While this is declared in SKILL.md, hardcoded internal IPs are generally not recommended.

scripts/gequhai_crawler.py:211
Consider using environment variable for the NAS host address to support different deployment environments.

Declared capabilities vs. actual capabilities

Capability | Verdict | Declared | Inferred | Evidence
Network access | Pass | READ | READ | Makes HTTP requests to gequhai.com
Command execution | Pass | NONE | NONE | No subprocess/shell execution detected
Filesystem | Block | NONE | WRITE | Writes to data/ directory and Synology NAS
Database | Pass | NONE | NONE | No database access

Suspicious artifacts and outbound connections

High · IP address
120.0.0.0

scripts/gequhai_crawler.py:30

Medium · External URL
https://www.gequhai.com/

SKILL.md:26

Medium · External URL
https://pan.quark.cn/s/276fd9172e63

data/download_info.json:30

Medium · External URL
https://lv-sycdn.kuwo.cn/2d44367307dca6de508dc3d6437ca393/69b35b17/resource/30106/trackmedia/M500002eyjaI0NYQfW.mp3

data/download_info.json:31

Medium · External URL
https://www.gequhai.com

scripts/gequhai_crawler.py:20

Dependencies and supply chain

Package | Version | Source | Vulnerability | Notes
requests | >=2.32.0 | requirements.txt | - | Pinned minimum version
beautifulsoup4 | * | gequhai_crawler.py | - | Imported but not in requirements
fastapi | >=0.115.0 | requirements.txt | - | Pinned minimum version
uvicorn | >=0.32.0 | requirements.txt | - | Pinned minimum version
httpx | >=0.27.0 | requirements.txt | - | Pinned minimum version

File composition

16 files · 1987 lines
Python · 10 files · 1626 lines
JSON · 4 files · 224 lines
Markdown · 1 file · 133 lines
Text · 1 file · 4 lines
Files needing attention · 4
scripts/gequhai_crawler.py Python · 925 lines
Hardcoded Synology password not declared in documentation · Base64 obfuscation for download URLs · Undeclared filesystem write capability · Hardcoded local network IP address · 120.0.0.0 · https://www.gequhai.com
service/main.py Python · 209 lines
Auto-registration to configurable gateway URL
SKILL.md Markdown · 133 lines
https://www.gequhai.com/
data/download_info.json JSON · 32 lines
https://pan.quark.cn/s/276fd9172e63 · https://lv-sycdn.kuwo.cn/2d44367307dca6de508dc3d6437ca393/69b35b17/resource/30106/trackmedia/M500002eyjaI0NYQfW.mp3
Other files · search_download.py · ranking.json · get_ranking.py · get_ranking_file.py · get_ranking_json.py · search_jj_new.py +2

Security highlights

No evidence of credential exfiltration - credentials used only for legitimate NAS access
No reverse shell, C2 communication, or data theft behavior detected
API authentication key is properly documented in SKILL.md
Uses standard HTTP libraries (requests, httpx) without suspicious patterns
No attempts to access sensitive paths like ~/.ssh, ~/.aws, or .env files
No curl|bash or wget|sh remote script execution patterns