Trusted: risk score 5/100
Last scanned: 2 days ago
electron-audit
Full attack-surface security audit for Electron desktop applications - Comprehensive security auditing guide for Electron desktop applications
This is a legitimate security auditing skill for Electron applications consisting entirely of documentation files with no executable code. All references to attacker infrastructure are educational examples explaining attack patterns for security testing purposes.
Skill name: electron-audit
Analysis time: 33.2s
Engine: pi
Can be installed
This skill is safe to use. No action required. The skill provides comprehensive guidance for security researchers to audit Electron applications.

Security findings: 2

Severity | Finding | Location
Info
Attacker domain references in documentation
References to 'attacker.com', 'evil.com', and similar domains appear throughout the documentation. These are standard security testing example domains used in educational content to illustrate attack scenarios (e.g., XSS payload redirects, C2 exfiltration destinations). This is legitimate security documentation practice.
https://attacker.com/log?key=, https://evil.com/phishing.html
→ No action needed. This is standard security education content.
references/PROTOCOL_RCE.md, references/JS_BRIDGE_EXPLOIT.md, references/XSS_TO_RCE.md, references/FUSE_BINARY_EXPLOIT.md:Various
Info
Comprehensive attack methodology documentation
The skill documents extensive offensive techniques including RCE, XSS chains, DLL hijacking, Fuse abuse, and local data theft. This is appropriate for legitimate penetration testing and security research purposes.
Documentation of attack patterns for security auditing
→ No action needed. This content serves legitimate security testing purposes.
SKILL.md and all references/*.md:Various
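| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | NONE | NONE | | No script files present, only documentation |
| Network access | NONE | NONE | | No network access required, documentation-only skill |
| Command execution | NONE | NONE | | No shell commands in skill, references are command examples in documentation |
| Environment variables | NONE | NONE | | No environment variable access |
| Skill invocation | NONE | NONE | | Documentation skill, no sub-skill invocation |
| Clipboard | NONE | NONE | | Not accessed |
| Browser | NONE | NONE | | Documentation skill |
| Database | NONE | NONE | | Not accessed |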
23 findings (all medium severity, type: external URL)

Directory structure

12 files · 138.6 KB · 4525 lines
Markdown 11f · 4439L Text 1f · 86L
├─ 📁 references
│ ├─ 📝 CONFIG_AUDIT.md Markdown 210L · 6.2 KB
│ ├─ 📝 DEVTOOLS_BYPASS.md Markdown 540L · 14.2 KB
│ ├─ 📝 ELECTRON_CVE_DATABASE.md Markdown 236L · 8.1 KB
│ ├─ 📝 FUSE_BINARY_EXPLOIT.md Markdown 415L · 10.7 KB
│ ├─ 📝 JS_BRIDGE_EXPLOIT.md Markdown 480L · 14.8 KB
│ ├─ 📝 LOCAL_DATA_ANALYSIS.md Markdown 445L · 10.3 KB
│ ├─ 📝 OUTPUT_TEMPLATE.md Markdown 264L · 7.3 KB
│ ├─ 📝 PROTOCOL_RCE.md Markdown 430L · 12.1 KB
│ ├─ 📝 SUPPLY_CHAIN.md Markdown 257L · 6.7 KB
│ └─ 📝 XSS_TO_RCE.md Markdown 389L · 12.1 KB
├─ 📁 rules
│ └─ 📄 sensitive_patterns.txt Text 86L · 6.1 KB
└─ 📝 SKILL.md Markdown 773L · 30.0 KB

Security highlights

✓ No executable code present - purely documentation
✓ No credential harvesting or exfiltration mechanisms
✓ No C2 infrastructure or command-and-control patterns
✓ No reverse shells or backdoors
✓ No supply chain risks (no dependencies to install)
✓ Well-structured security audit methodology for legitimate purposes
✓ Includes anti-pattern rules to prevent false positives in reports
✓ Contains false positive filtering rules for responsible disclosure