High risk: risk score 65/100
Last scanned: 1 day ago
huo15-memory-evolution
Huo15 memory evolution skill - memory system overhaul based on a four-category classification scheme
Critical: hardcoded API key exposed in source code at scripts/dream.sh:79 enables unauthorized API usage if repository is accessed.
Skill name: huo15-memory-evolution
Analysis time: 45.7s
Engine: pi
Do not install this skill
IMMEDIATE: Remove the hardcoded API key from scripts/dream.sh and use environment variable instead. Rotate the exposed API key immediately.

Attack chain: 3 steps

Privilege escalation: Attacker gains read access to repository (public repo, insider threat, or leaked credentials)
Location: N/A
Privilege escalation: Attacker extracts hardcoded API key from scripts/dream.sh:79
Location: scripts/dream.sh:79
Impact: Attacker uses extracted API key to make unauthorized calls to MiniMax API at api.minimaxi.com, incurring costs to the victim's account
Location: N/A

Security findings: 3

Severity | Finding | Location
Critical
Hardcoded API Key in Source Code (category: credential theft)
A MiniMax API key is hardcoded in plain text at scripts/dream.sh:79. This key is visible to anyone with repository access and could be extracted and misused if the repo is public, shared, or leaked.
API_KEY="sk-cp-pD1WY6KcHeUNXDeKmG4ZnzDch-sXsZKmAsNn7rXZDoAbGwc7u6XJn55Z6GbgW3qngTC-i5geM4PzDwkaSj8sQUSk2TPPj-lrLc-Yamjn-S2j4mfOT8RGKUY"
→ Replace with environment variable: API_KEY="${MINIMAX_API_KEY}" and require user to set it. Rotate the exposed key immediately.
scripts/dream.sh:79
High
Undeclared Network Access (category: documentation deception)
The SKILL.md makes no mention of network access. The dream.sh script makes HTTP POST requests to api.minimaxi.com, transmitting the API key as Bearer authentication.
curl -s -X POST "$API_URL" -H "Authorization: Bearer $API_KEY"
→ Declare network:WRITE capability in SKILL.md and explain the LLM integration purpose.
scripts/dream.sh:89
Medium
Undeclared Filesystem Write to ~/.openclaw/ (category: sensitive access)
Multiple scripts (install.sh, migrate.sh, batch-install.sh) write to $HOME/.openclaw/workspace and related directories without explicit declaration in SKILL.md.
mkdir -p "$WORKSPACE_DIR/memory"
→ Add filesystem:WRITE to declared capabilities in SKILL.md with explanation of target paths.
scripts/install.sh:53
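Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | WRITE | ✓ Consistent | install.sh, migrate.sh, batch-install.sh write to ~/.openclaw/ without explicit …
Network access | NONE | WRITE | ✗ Exceeds declared permission | dream.sh:89 - curl POST to api.minimaxi.com with API key
Environment variables | NONE | READ | ✓ Consistent | OC_AGENT_ID environment variable read for routing - legitimate behavior document…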
1 high severity, 5 findings
High | API key | Suspected hardcoded credential
API_KEY="sk-cp-pD1WY6KcHeUNXDeKmG4ZnzDch-sXsZKmAsNn7rXZDoAbGwc7u6XJn55Z6GbgW3qngTC-i5geM4PzDwkaSj8sQUSk2TPPj-lrLc-Yamjn-...
scripts/dream.sh:79
Medium | External URL | External URL
https://api.minimaxi.com/v1/text/chatcompletion_v2
scripts/dream.sh:80
Info | Email | Email address
[email protected]
scripts/MIGRATION-REPORT-2026-04-04.md:35
Info | Email | Email address
[email protected]
scripts/MIGRATION-REPORT-2026-04-04.md:38
Info | Email | Email address
[email protected]
scripts/MIGRATION-REPORT-2026-04-04.md:39

Directory structure

16 files · 55.6 KB · 2108 lines
Shell 8f · 1468L Markdown 4f · 436L JSON 2f · 113L JavaScript 1f · 65L Text 1f · 26L
├─ 📁 config
│ ├─ 📜 agent-routing.js JavaScript 65L · 2.3 KB
│ └─ 📋 memory-types.json JSON 108L · 3.3 KB
├─ 📁 scripts
│ ├─ 📁 snapshots
│ │ └─ 📄 snapshot-info-2026-04-04-234219.txt Text 26L · 1.2 KB
│ ├─ 🔧 batch-install.sh Shell 160L · 4.3 KB
│ ├─ 🔧 check-drift.sh Shell 121L · 3.4 KB
│ ├─ 🔧 dream.sh Shell 242L · 7.0 KB
│ ├─ 📝 INSTALL-REPORT-2026-04-04.md Markdown 41L · 998 B
│ ├─ 🔧 install.sh Shell 283L · 7.2 KB
│ ├─ 🔧 migrate.sh Shell 327L · 7.7 KB
│ ├─ 📝 MIGRATION-REPORT-2026-04-04.md Markdown 49L · 911 B
│ ├─ 🔧 rollback.sh Shell 84L · 2.2 KB
│ ├─ 🔧 snapshot.sh Shell 87L · 2.4 KB
│ └─ 🔧 verify.sh Shell 164L · 4.3 KB
├─ 📁 templates
│ └─ 📝 memory-file.md Markdown 27L · 298 B
├─ 📋 _meta.json JSON 5L · 141 B
└─ 📝 SKILL.md Markdown 319L · 8.0 KB

Security highlights

✓ Sensitive information isolation logic is well-designed (migrate.sh lines 118-146) - attempts to prevent cross-agent credential leakage
✓ Snapshot/rollback mechanism provides safe recovery path
✓ No evidence of reverse shell, C2, or covert data exfiltration channels
✓ Cron job configuration is documented and optional