中文 EN
Start Review
Skill Trust Decision

maxhub-lemon8

纯文档型Skill,依赖硬编码IP的第三方API服务,存在基础设施不透明和明文传输风险,无本地代码执行能力

Install decision first Source: ClawHub Scanned: 5 days ago
Files 3
Artifacts 3
Violations 0
Findings 3
Most direct threat evidence
High IP Address
111.229.168.177

Why this conclusion was reached

1/4 dimensions flagged
Pass
Declared vs actual capability

Declared resources and inferred behavior are broadly aligned.

Block
Hidden execution and egress

1 high-risk artifacts or egress signals were extracted.

Pass
Attack chain and severe findings

There is no explicit malicious chain in the report.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

硬编码IP地址 +15

111.229.168.177 硬编码于多处,绕过DNS透明度,常见于隐蔽C2基础设施

明文HTTP通信 +10

base URL使用http://而非https://,API密钥明文传输存在中间人风险

境外IP +5

IP归属地指向境外服务器,跨境数据处理合规性存疑

API中转架构 +5

依赖第三方'MaxHub'中转站聚合多个平台API,基础设施不透明

Most important evidence

Medium Doc Mismatch

硬编码IP地址规避域名透明度

SKILL.md 多处硬编码 111.229.168.177 作为API基础URL,绕过DNS解析的正常透明度机制。文档声称这是'备案期间的临时地址',但未提供域名或HTTPS,存在可疑基础设施特征

SKILL.md:14
要求提供可验证的域名,使用HTTPS,并披露服务运营方信息
Medium Sensitive Access

API密钥明文HTTP传输风险

所有API调用使用http://明文协议,x-api-key通过请求头传输,存在中间人劫持风险

SKILL.md:19
强制使用HTTPS,审查MaxHub服务端TLS配置
Low Supply Chain

第三方API中转站依赖

Skill依赖名为'MaxHub'的第三方服务聚合Lemon8等平台数据,MaxHub服务本身未经独立审计

SKILL.md:1
评估MaxHub服务可靠性和数据处理合规性

Declared capability vs actual capability

Filesystem Pass
Declared NONE
Inferred NONE
无文件操作代码
Network Pass
Declared READ
Inferred READ
SKILL.md:17-22 仅声明API调用
Shell Pass
Declared NONE
Inferred NONE
SKILL.md 无shell执行描述
Environment Pass
Declared READ
Inferred READ
SKILL.md:10 仅访问MAXHUB_API_KEY
Skill Invoke Pass
Declared NONE
Inferred NONE
无跨skill调用

Suspicious artifacts and egress

High IP Address
111.229.168.177

SKILL.md:14

Medium External URL
http://111.229.168.177

SKILL.md:14

Medium External URL
http://111.229.168.177)

SKILL.md:33

Dependencies and supply chain

There are no structured dependency warnings.

File composition

3 files · 289 lines
Markdown 3 files · 289 lines
Files of concern · 1
SKILL.md Markdown · 213 lines
硬编码IP地址规避域名透明度 · API密钥明文HTTP传输风险 · 第三方API中转站依赖 · 111.229.168.177 · http://111.229.168.177 · http://111.229.168.177)
Other files · api-catalog.md · chain-patterns.md

Security positives

纯文档型Skill,无本地代码执行能力
未声明访问敏感文件路径(~/.ssh、.env等)
未发现凭证收割、代码混淆、反向shell等恶意指标
使用环境变量管理密钥而非硬编码