Low risk — risk score 25/100
Last scanned: 17 hours ago
navimem
Shared web task memory for AI agents. Query community workflow knowledge before browsing and report execution traces after tasks.
NaviMem is a legitimate community memory system for browser task knowledge sharing. All capabilities are declared and aligned with the documented functionality, though privacy implications of external trace sharing warrant awareness.
Skill name: navimem
Analysis time: 57.9s
Engine: pi
OK to install
The skill is safe to use for non-sensitive browser tasks. Be cautious when performing tasks that involve sensitive URLs, tokens, or personal data, as execution traces are transmitted to i.ariseos.com. Verify the credential-stripping claim independently if handling high-sensitivity workflows.

Security findings: 2

Severity / Security finding / Location
Low
Execution traces transmitted to external service [Data exfiltration]
Browser task execution traces (URLs, actions, targets, values) are POSTed to i.ariseos.com. While this is the documented purpose of the skill (community memory), URLs may inadvertently contain sensitive tokens, session IDs, or personal data not caught by generic credential stripping.
-H "Content-Type: application/json" -d '{"type": "browser_workflow", "task": "...", "steps": [...]}
→ Use this skill cautiously for non-sensitive browser tasks. Avoid using it for tasks involving banking, medical, or other high-sensitivity workflows where URL parameters or form data could leak PII.
SKILL.md:1
Info
Privacy claim lacks technical verification [Documentation deception]
SKILL.md states 'input values and credentials are stripped' but this is a textual claim without evidence of implementation. Generic patterns may miss edge cases (e.g., tokens in URL paths, base64-encoded values).
Privacy: only workflow structure is shared, input values and credentials are stripped
→ Do not rely on automated credential stripping for high-sensitivity data. Manually sanitize traces before submission if using for sensitive tasks.
SKILL.md:90
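| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | NONE | NONE | | No file system operations found in SKILL.md |
| Network access | READ | READ | ✓ Consistent | SKILL.md declares HTTP POST calls to i.ariseos.com for plan/query/learn endpoint… |
| Command execution | NONE | NONE | | No shell execution in documentation |
| Environment variables | READ | READ | ✓ Consistent | SKILL.md metadata declares NAVIMEM_BASE_URL env var (optional) |
| Browser | NONE | READ | ✓ Consistent | Core purpose is to assist browser automation tasks (plan/execute/learn loop) |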
8 findings
Medium · External URL · https://i.ariseos.com/api/v1/memory/plan · README.md:25
Medium · External URL · https://i.ariseos.com/api/v1/memory/learn · README.md:30
Medium · External URL · https://www.amazon.com/ · README.md:37
Medium · External URL · https://www.amazon.com/s?k=laptop · README.md:40
Medium · External URL · https://i.ariseos.com · SKILL.md:15
Medium · External URL · https://i.ariseos.com/api/v1/memory/query · SKILL.md:77
Medium · External URL · https://www.amazon.com/cart · SKILL.md:88
Medium · External URL · https://www.amazon.com/checkout · SKILL.md:88

Directory structure

2 files · 8.8 KB · 251 lines
Markdown 2f · 251L
├─ 📝 README.md Markdown 55L · 1.8 KB
└─ 📝 SKILL.md Markdown 196L · 7.0 KB

Security highlights

✓ No shell execution capabilities declared or inferred
✓ No file system access required
✓ No credential harvesting or environment variable enumeration
✓ No base64-encoded commands or obfuscation detected
✓ No hidden instructions in comments or documentation
✓ All network behavior is declared and central to the stated purpose
✓ Authentication is optional and supports anonymous mode
✓ Behavior is transparent: plan before, learn after, no side-channel operations