Scan report
20/100
claim-risk-auditor
Checks copy, papers, promotional drafts or product descriptions for high-risk claims, flags evidence gaps and offers safer rewrites
A straightforward clipboard-reading utility for macOS that accurately declares its shell:WRITE permission and performs only read-only pbpaste execution with no hidden behavior.
Safe to install
No action required. The skill is straightforward and its declared shell:WRITE permission is necessary for reading clipboard via pbpaste. Consider pinning node dependency and restricting permission to shell:READ if the tool allows it.
Security findings: 2
| Severity | Finding | Location |
|---|---|---|
| Low | Clipboard read not declared in metadata (privilege escalation) | scripts/read_clipboard.mjs:6 |
| Low | shell:WRITE permission is inflated (privilege escalation) | scripts/read_clipboard.mjs:6 |

| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | NONE | NONE | — | No file reads or writes found |
| Network access | NONE | NONE | — | No network requests found |
| Command execution | WRITE | READ (read-only pbpaste) | ✓ Consistent | scripts/read_clipboard.mjs:6 — execSync runs 'pbpaste' which only reads clipboar… |
| Environment variables | NONE | NONE | — | No environment variable access |
| Clipboard | NONE | READ | ✓ Consistent | scripts/read_clipboard.mjs:6 — reads clipboard via pbpaste; clipboard:READ not d… |
Directory structure
4 files · 1.7 KB · 84 lines (Markdown: 3 files, 65 lines; JavaScript: 1 file, 19 lines)
├─ scripts
│  └─ read_clipboard.mjs (JavaScript)
├─ CHANGELOG.md (Markdown)
├─ README.md (Markdown)
└─ SKILL.md (Markdown)
Security highlights
✓ No network requests or data exfiltration
✓ No credential harvesting or environment variable access
✓ No obfuscation, base64, or anti-analysis patterns
✓ No sensitive file or path access (~/.ssh, ~/.aws, .env)
✓ Script is short (19 lines) and easy to audit
✓ No external dependencies or npm packages
✓ Script behavior fully aligns with SKILL.md description
✓ No hidden functionality beyond stated purpose
✓ Includes proper error handling for empty clipboard